JBoss Portal SVN: r13548 - in modules/authorization/trunk: agent/src/main/java/org/jboss/security/authz/agent and 15 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-12 13:28:57 -0400 (Sun, 12 Jul 2009)
New Revision: 13548
Added:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/EmbeddedBootstrap.java
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/ServiceContainer.java
Removed:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/Agent.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/EmbeddedBootstrap.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/EmbeddedBootstrap.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/Server.java
Modified:
modules/authorization/trunk/agent/pom.xml
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestEnforcementGenerator.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestPolicyComposition.java
modules/authorization/trunk/common-api/pom.xml
modules/authorization/trunk/http-profile/pom.xml
modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/integration/TestEnterprisePolicyFinderModule.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
modules/authorization/trunk/policy-server/pom.xml
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java
modules/authorization/trunk/portal-profile/pom.xml
Log:
testsuite refactoring
Modified: modules/authorization/trunk/agent/pom.xml
===================================================================
--- modules/authorization/trunk/agent/pom.xml 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/agent/pom.xml 2009-07-12 17:28:57 UTC (rev 13548)
@@ -28,12 +28,7 @@
<groupId>org.jboss.security.authz</groupId>
<artifactId>policy-server</artifactId>
<version>${project.version}</version>
- </dependency>
- <!-- jboss microcontainer -->
- <dependency>
- <groupId>org.jboss.microcontainer</groupId>
- <artifactId>jboss-kernel</artifactId>
- </dependency>
+ </dependency>
<!-- jboss xacml -->
<dependency>
<groupId>org.jboss.security</groupId>
Deleted: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/Agent.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/Agent.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/Agent.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -1,86 +0,0 @@
-/******************************************************************************
- * JBoss, a division of Red Hat *
- * Copyright 2006, Red Hat Middleware, LLC, and individual *
- * contributors as indicated by the @authors tag. See the *
- * copyright.txt in the distribution for a full listing of *
- * individual contributors. *
- * *
- * This is free software; you can redistribute it and/or modify it *
- * under the terms of the GNU Lesser General Public License as *
- * published by the Free Software Foundation; either version 2.1 of *
- * the License, or (at your option) any later version. *
- * *
- * This software is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
- * Lesser General Public License for more details. *
- * *
- * You should have received a copy of the GNU Lesser General Public *
- * License along with this software; if not, write to the Free *
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
- ******************************************************************************/
-package org.jboss.security.authz.agent;
-
-import java.net.URL;
-import java.util.Enumeration;
-
-import org.apache.log4j.Logger;
-
-import org.jboss.kernel.Kernel;
-import org.jboss.kernel.spi.dependency.KernelController;
-import org.jboss.dependency.spi.ControllerContext;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- *
- */
-public final class Agent
-{
- private static Logger log = Logger.getLogger(Agent.class);
-
- private static Kernel kernel;
-
- public Agent()
- {
-
- }
-
- public static void bootstrap()
- {
- try
- {
- EmbeddedBootstrap bootstrap = new EmbeddedBootstrap();
- bootstrap.run();
-
- ClassLoader cl = Thread.currentThread().getContextClassLoader();
- Enumeration e = cl.getResources("META-INF/jboss-beans.xml");
- while(e.hasMoreElements())
- {
- URL url = (URL)e.nextElement();
- bootstrap.deploy(url);
- }
-
- kernel = bootstrap.getKernel();
- }
- catch(Exception e)
- {
- log.error("org.jboss.security.authz.policy.server.Server", e);
- throw new RuntimeException(e);
- }
- }
-
- public static Object lookup(String serviceId)
- {
- Object service = null;
-
- KernelController kernelController = kernel.getController();
- ControllerContext controllerContext = kernelController.getInstalledContext(serviceId);
- if(controllerContext != null)
- {
- service = controllerContext.getTarget();
- }
-
- return service;
- }
-}
Deleted: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/EmbeddedBootstrap.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/EmbeddedBootstrap.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/EmbeddedBootstrap.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -1,98 +0,0 @@
-/******************************************************************************
- * JBoss, a division of Red Hat *
- * Copyright 2006, Red Hat Middleware, LLC, and individual *
- * contributors as indicated by the @authors tag. See the *
- * copyright.txt in the distribution for a full listing of *
- * individual contributors. *
- * *
- * This is free software; you can redistribute it and/or modify it *
- * under the terms of the GNU Lesser General Public License as *
- * published by the Free Software Foundation; either version 2.1 of *
- * the License, or (at your option) any later version. *
- * *
- * This software is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
- * Lesser General Public License for more details. *
- * *
- * You should have received a copy of the GNU Lesser General Public *
- * License along with this software; if not, write to the Free *
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
- ******************************************************************************/
-package org.jboss.security.authz.agent;
-
-import java.net.URL;
-
-import org.apache.log4j.Logger;
-
-import org.jboss.kernel.plugins.bootstrap.basic.BasicBootstrap;
-import org.jboss.kernel.plugins.deployment.xml.BasicXMLDeployer;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- *
- */
-final class EmbeddedBootstrap extends BasicBootstrap
-{
- private static Logger log = Logger.getLogger(EmbeddedBootstrap.class);
-
- protected BasicXMLDeployer deployer;
-
- public EmbeddedBootstrap() throws Exception
- {
- super();
- }
-
- public void bootstrap() throws Throwable
- {
- super.bootstrap();
- deployer = new BasicXMLDeployer(getKernel());
- Runtime.getRuntime().addShutdownHook(new Shutdown());
- }
-
- public void deploy(URL url)
- {
- try
- {
- // Workaround the fact that the BasicXMLDeployer does not handle
- // redeployment correctly
- if (deployer.getDeploymentNames().contains(url.toString()))
- {
- log.debug("Service is already deployed.");
- return;
- }
- deployer.deploy(url);
- }
- catch (Throwable t)
- {
- log.error(this, t);
- }
- }
-
- public void undeploy(URL url)
- {
- if (!deployer.getDeploymentNames().contains(url.toString()))
- {
- log.debug("Service is already undeployed.");
- return;
- }
- try
- {
- deployer.undeploy(url);
- }
- catch (Throwable t)
- {
- log.error(this, t);
- }
- }
-
- protected class Shutdown extends Thread
- {
- public void run()
- {
- log.info("Shutting down");
- deployer.shutdown();
- }
- }
-}
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -28,6 +28,7 @@
import org.jboss.security.authz.model.Subject;
import org.jboss.security.authz.model.Action;
import org.jboss.security.authz.model.Environment;
+import org.jboss.security.authz.model.Attribute;
import org.jboss.security.authz.agent.services.EnforcementStateGenerator;
import org.jboss.security.authz.policy.client.enforcement.Request;
@@ -109,7 +110,25 @@
{
if(securityContextObject instanceof Resource)
{
- request.addResource((Resource)securityContextObject);
+ //This is a bit rubbish. The XACML spec clearly allows multiple Resource elements within a Policy Definition.
+ //But for some reason, the SUN XACML implementation only honors a single Resource element. Regardless of this hack
+ //The end result will still be the same, and the Developer that uses this framework remains unaffected
+ //Its weird that SUN system allows multiple Resources in policy provisioning, but not in enforcement...That has to be a bug
+ //Anywhoooooooo......lets move on ;)
+
+ if(request.getResources() == null || request.getResources().isEmpty())
+ {
+ request.addResource((Resource)securityContextObject);
+ }
+ else
+ {
+ Resource currResource = (Resource)securityContextObject;
+ Resource local = request.getResources().iterator().next();
+ for(Attribute currAttr: currResource.getAttributes())
+ {
+ local.addAttribute(currAttr);
+ }
+ }
}
else if(securityContextObject instanceof Subject)
{
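Review bot: In the new `else` branch, `local.addAttribute(currAttr)` folds the attributes of every further Resource into the one returned first by `request.getResources().iterator()`, so the decision point evaluates a single resource carrying the union of all attributes. The comment's claim that the end result stays the same does not hold if two Resources share an attribute id with different values, or if a rule is meant to match the attributes of one resource only; whether either occurs depends on the policies in use and cannot be judged from this hunk. The merge also mutates a Resource object that is already attached to the request, so a caller that reuses that object would see the extra attributes accumulate. I would replace the comment block with a precise one such as `// SUN XACML evaluates only one Resource per request: fold the attributes of further Resources into the first one`, and add a test with two Resources that share an attribute id. The enclosing method starts and ends outside the hunk.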
Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -31,7 +31,7 @@
import org.jboss.security.authz.model.Resource;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
@@ -52,9 +52,9 @@
public void setUp() throws Exception
{
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
}
public void tearDown() throws Exception
Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -31,7 +31,7 @@
import org.jboss.security.authz.model.Resource;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
@@ -55,9 +55,9 @@
public void setUp() throws Exception
{
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
}
public void tearDown() throws Exception
Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -31,7 +31,7 @@
import org.jboss.security.authz.model.Resource;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
@@ -54,9 +54,9 @@
public void setUp() throws Exception
{
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
}
public void tearDown() throws Exception
Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -27,7 +27,7 @@
import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -41,8 +41,8 @@
public void setUp() throws Exception
{
- Server.bootstrap();
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
}
public void tearDown() throws Exception
Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestEnforcementGenerator.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestEnforcementGenerator.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestEnforcementGenerator.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -38,7 +38,7 @@
import org.jboss.security.authz.components.action.Manage;
import org.jboss.security.authz.components.resource.URIResource;
-import org.jboss.security.authz.agent.Agent;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -51,7 +51,7 @@
protected void setUp() throws Exception
{
- Agent.bootstrap();
+ ServiceContainer.bootstrap();
this.stateGenerator = new EnforcementStateGenerator();
}
//---------------------------------------------------------------------------------------------------------------------------------------------------------------
Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestPolicyComposition.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestPolicyComposition.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestPolicyComposition.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -39,7 +39,7 @@
import org.jboss.security.authz.components.action.Manage;
import org.jboss.security.authz.components.resource.URIResource;
-import org.jboss.security.authz.agent.Agent;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.agent.test.MockPolicy;
@@ -54,8 +54,8 @@
protected void setUp() throws Exception
{
- Agent.bootstrap();
- this.policyComposer = (PolicyComposer)Agent.lookup("/agent/PolicyComposer");
+ ServiceContainer.bootstrap();
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
}
//---------------------------------------------------------------------------------------------------------------------------------------------------------------
public void testComposePermitIdentity() throws Exception
Modified: modules/authorization/trunk/common-api/pom.xml
===================================================================
--- modules/authorization/trunk/common-api/pom.xml 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/common-api/pom.xml 2009-07-12 17:28:57 UTC (rev 13548)
@@ -18,6 +18,11 @@
<dependency>
<groupId>org.jboss.security</groupId>
<artifactId>jboss-xacml</artifactId>
- </dependency>
+ </dependency>
+ <!-- jboss microcontainer -->
+ <dependency>
+ <groupId>org.jboss.microcontainer</groupId>
+ <artifactId>jboss-kernel</artifactId>
+ </dependency>
</dependencies>
</project>
Added: modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/EmbeddedBootstrap.java
===================================================================
--- modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/EmbeddedBootstrap.java (rev 0)
+++ modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/EmbeddedBootstrap.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -0,0 +1,98 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.bootstrap;
+
+import java.net.URL;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.kernel.plugins.bootstrap.basic.BasicBootstrap;
+import org.jboss.kernel.plugins.deployment.xml.BasicXMLDeployer;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+final class EmbeddedBootstrap extends BasicBootstrap
+{
+ private static Logger log = Logger.getLogger(EmbeddedBootstrap.class);
+
+ protected BasicXMLDeployer deployer;
+
+ public EmbeddedBootstrap() throws Exception
+ {
+ super();
+ }
+
+ public void bootstrap() throws Throwable
+ {
+ super.bootstrap();
+ deployer = new BasicXMLDeployer(getKernel());
+ Runtime.getRuntime().addShutdownHook(new Shutdown());
+ }
+
+ public void deploy(URL url)
+ {
+ try
+ {
+ // Workaround the fact that the BasicXMLDeployer does not handle
+ // redeployment correctly
+ if (deployer.getDeploymentNames().contains(url.toString()))
+ {
+ log.debug("Service is already deployed.");
+ return;
+ }
+ deployer.deploy(url);
+ }
+ catch (Throwable t)
+ {
+ log.error(this, t);
+ }
+ }
+
+ public void undeploy(URL url)
+ {
+ if (!deployer.getDeploymentNames().contains(url.toString()))
+ {
+ log.debug("Service is already undeployed.");
+ return;
+ }
+ try
+ {
+ deployer.undeploy(url);
+ }
+ catch (Throwable t)
+ {
+ log.error(this, t);
+ }
+ }
+
+ protected class Shutdown extends Thread
+ {
+ public void run()
+ {
+ log.info("Shutting down");
+ deployer.shutdown();
+ }
+ }
+}
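Review bot: `deploy(URL)` catches `Throwable` and only logs it, so a bean descriptor that fails to deploy leaves `ServiceContainer.bootstrap()` returning normally while the beans it declares are missing, and callers learn of it only through a null from `lookup`. For a container that hosts authorization services the failure should surface at start-up, for example `log.error("Failed to deploy " + url, t); throw new RuntimeException(t);`. `log.error(this, t)` also logs the bootstrap object rather than the URL, which makes the failing descriptor hard to identify. The same pattern is repeated in `undeploy(URL)`.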
Added: modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/ServiceContainer.java
===================================================================
--- modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/ServiceContainer.java (rev 0)
+++ modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/ServiceContainer.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -0,0 +1,87 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.bootstrap;
+
+import java.net.URL;
+import java.util.Enumeration;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.kernel.Kernel;
+import org.jboss.kernel.spi.dependency.KernelController;
+import org.jboss.dependency.spi.ControllerContext;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public final class ServiceContainer
+{
+ private static Logger log = Logger.getLogger(ServiceContainer.class);
+
+ private static Kernel kernel;
+
+ public ServiceContainer()
+ {
+
+ }
+
+ public static void bootstrap()
+ {
+ try
+ {
+ EmbeddedBootstrap bootstrap = new EmbeddedBootstrap();
+ bootstrap.run();
+
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ Enumeration e = cl.getResources("META-INF/jboss-beans.xml");
+ while(e.hasMoreElements())
+ {
+ URL url = (URL)e.nextElement();
+ String urlName = url.toString();
+ bootstrap.deploy(url);
+ }
+
+ kernel = bootstrap.getKernel();
+ }
+ catch(Exception e)
+ {
+ log.error("org.jboss.security.authz.agent.Agent", e);
+ throw new RuntimeException(e);
+ }
+ }
+
+ public static Object lookup(String serviceId)
+ {
+ Object service = null;
+
+ KernelController kernelController = kernel.getController();
+ ControllerContext controllerContext = kernelController.getInstalledContext(serviceId);
+ if(controllerContext != null)
+ {
+ service = controllerContext.getTarget();
+ }
+
+ return service;
+ }
+}
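Review bot: `bootstrap()` is neither synchronized nor idempotent: every call builds a new `EmbeddedBootstrap`, deploys every `META-INF/jboss-beans.xml` the context class loader exposes, and overwrites the static `kernel`, while `lookup` dereferences `kernel` unguarded and throws a NullPointerException if it runs before `bootstrap()`. Because this class now replaces both `Agent` and `Server`, I would declare it `public static synchronized void bootstrap()` and either return early with `if(kernel != null) { return; }` or document that each call replaces the container. A class comment should also state that descriptor discovery trusts every jar visible to the context class loader, since any of them can contribute beans to this container. Two leftovers from the copy: the local `String urlName` is never used, and the error label `"org.jboss.security.authz.agent.Agent"` names a class this commit removes.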
Modified: modules/authorization/trunk/http-profile/pom.xml
===================================================================
--- modules/authorization/trunk/http-profile/pom.xml 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/http-profile/pom.xml 2009-07-12 17:28:57 UTC (rev 13548)
@@ -45,13 +45,13 @@
<groupId>org.jboss.security</groupId>
<artifactId>jboss-xacml</artifactId>
<scope>test</scope>
- </dependency>
+ </dependency>
<!-- jboss microcontainer -->
<dependency>
<groupId>org.jboss.microcontainer</groupId>
<artifactId>jboss-kernel</artifactId>
<scope>test</scope>
- </dependency>
+ </dependency>
<!-- Drools -->
<dependency>
<groupId>org.drools</groupId>
Modified: modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java
===================================================================
--- modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -57,7 +57,7 @@
import org.jboss.security.authz.tools.GeneralTool;
import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.policy.server.spi.PolicyConfig;
import org.jboss.security.authz.policy.server.PolicyServer;
@@ -89,9 +89,9 @@
try
{
//Start the Policy Server
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
if(this.enforcer == null || this.provisioner == null)
{
@@ -99,7 +99,7 @@
}
//TODO: remove this
- PolicyServer ps = (PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ PolicyServer ps = (PolicyServer)ServiceContainer.lookup("/policy-server/PolicyServer");
ps.getPolicyDecisionPoint().setDebug(true);
//Parse the specified Policy and update the Policy Server
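Review bot: `ps` is dereferenced on the following line without the null check that `enforcer` and `provisioner` get just above, although `ServiceContainer.lookup` returns null when the service id is not installed. A missing `/policy-server/PolicyServer` bean would therefore surface as a NullPointerException inside the try block rather than being handled like the other two lookups. The `setDebug(true)` call marked `//TODO: remove this` is a context line, but it sits in the main filter's start-up path and is worth removing or putting behind a configuration switch in the same pass. The enclosing try block and method start and end outside the hunk.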
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -27,7 +27,7 @@
import org.apache.log4j.Logger;
-import org.jboss.security.authz.agent.Agent;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.agent.services.CompositionContext;
import org.jboss.security.authz.agent.services.PolicyComposer;
@@ -50,8 +50,8 @@
protected void setUp() throws Exception
{
- Agent.bootstrap();
- this.policyComposer = (PolicyComposer)Agent.lookup("/agent/PolicyComposer");
+ ServiceContainer.bootstrap();
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
}
//------------------------------------------------------------------------------------------------------------------------------------------------------------------
//TODO: migrate to the new developer framework
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -28,14 +28,14 @@
import junit.framework.TestCase;
import org.jboss.security.authz.http.component.resource.HttpResource;
+import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.http.component.action.Get;
-import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.model.Effect;
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
-import org.jboss.security.authz.agent.Agent;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.agent.enforcement.EnforcementContext;
import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
@@ -57,11 +57,11 @@
public void setUp() throws Exception
{
- Agent.bootstrap();
+ ServiceContainer.bootstrap();
- this.policyComposer = (PolicyComposer)Agent.lookup("/agent/PolicyComposer");
- this.enforcer = (PolicyEnforcementPoint)Agent.lookup("/agent/LocalEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Agent.lookup("/agent/LocalPolicyProvisioner");
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
//TODO: migrate to the new developer framework
@@ -79,7 +79,7 @@
//Setup the Context for the Composition with these components
CompositionContext context = new CompositionContext();
context.setPolicyTarget(policyResource);
- context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
//Store the policy into the Policy Server
PolicyMetaData policyMetaData = this.policyComposer.compose(context);
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -33,7 +33,7 @@
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import junit.framework.TestCase;
@@ -49,9 +49,9 @@
public void setUp() throws Exception
{
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
}
//TODO: migrate to the new developer framework
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -36,7 +36,7 @@
import org.jboss.security.authz.model.Resource;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import junit.framework.TestCase;
@@ -52,9 +52,9 @@
public void setUp() throws Exception
{
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
}
//TODO: migrate to the new developer framework
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/integration/TestEnterprisePolicyFinderModule.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/integration/TestEnterprisePolicyFinderModule.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/integration/TestEnterprisePolicyFinderModule.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -38,7 +38,7 @@
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
/**
@@ -53,9 +53,9 @@
public void setUp() throws Exception
{
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
}
public void tearDown() throws Exception
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -29,7 +29,7 @@
import org.apache.log4j.Logger;
-import org.jboss.security.authz.agent.Agent;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.agent.services.PolicyComposer;
@@ -42,7 +42,6 @@
import org.jboss.security.authz.tools.GeneralTool;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.Server;
import org.jboss.security.authz.policy.server.spi.PolicyConfig;
/**
@@ -65,12 +64,11 @@
*/
protected void setUp() throws Exception
{
- Server.bootstrap();
- Agent.bootstrap();
+ ServiceContainer.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
- this.policyComposer = (PolicyComposer)Agent.lookup("/agent/PolicyComposer");
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
}
//------------------------------------------------------------------------------------------------------------------------------------------------------
//TODO: migrate to the new developer framework
Modified: modules/authorization/trunk/policy-server/pom.xml
===================================================================
--- modules/authorization/trunk/policy-server/pom.xml 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/policy-server/pom.xml 2009-07-12 17:28:57 UTC (rev 13548)
@@ -30,13 +30,7 @@
<groupId>org.jboss.security</groupId>
<artifactId>jboss-xacml</artifactId>
</dependency>
-
- <!-- jboss microcontainer -->
- <dependency>
- <groupId>org.jboss.microcontainer</groupId>
- <artifactId>jboss-kernel</artifactId>
- </dependency>
-
+
<!-- Drools -->
<dependency>
<groupId>org.drools</groupId>
Deleted: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/EmbeddedBootstrap.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/EmbeddedBootstrap.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/EmbeddedBootstrap.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -1,98 +0,0 @@
-/******************************************************************************
- * JBoss, a division of Red Hat *
- * Copyright 2006, Red Hat Middleware, LLC, and individual *
- * contributors as indicated by the @authors tag. See the *
- * copyright.txt in the distribution for a full listing of *
- * individual contributors. *
- * *
- * This is free software; you can redistribute it and/or modify it *
- * under the terms of the GNU Lesser General Public License as *
- * published by the Free Software Foundation; either version 2.1 of *
- * the License, or (at your option) any later version. *
- * *
- * This software is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
- * Lesser General Public License for more details. *
- * *
- * You should have received a copy of the GNU Lesser General Public *
- * License along with this software; if not, write to the Free *
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
- ******************************************************************************/
-package org.jboss.security.authz.policy.server;
-
-import java.net.URL;
-
-import org.apache.log4j.Logger;
-
-import org.jboss.kernel.plugins.bootstrap.basic.BasicBootstrap;
-import org.jboss.kernel.plugins.deployment.xml.BasicXMLDeployer;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- *
- */
-final class EmbeddedBootstrap extends BasicBootstrap
-{
- private static Logger log = Logger.getLogger(EmbeddedBootstrap.class);
-
- protected BasicXMLDeployer deployer;
-
- public EmbeddedBootstrap() throws Exception
- {
- super();
- }
-
- public void bootstrap() throws Throwable
- {
- super.bootstrap();
- deployer = new BasicXMLDeployer(getKernel());
- Runtime.getRuntime().addShutdownHook(new Shutdown());
- }
-
- public void deploy(URL url)
- {
- try
- {
- // Workaround the fact that the BasicXMLDeployer does not handle
- // redeployment correctly
- if (deployer.getDeploymentNames().contains(url.toString()))
- {
- log.debug("Service is already deployed.");
- return;
- }
- deployer.deploy(url);
- }
- catch (Throwable t)
- {
- log.error(this, t);
- }
- }
-
- public void undeploy(URL url)
- {
- if (!deployer.getDeploymentNames().contains(url.toString()))
- {
- log.debug("Service is already undeployed.");
- return;
- }
- try
- {
- deployer.undeploy(url);
- }
- catch (Throwable t)
- {
- log.error(this, t);
- }
- }
-
- protected class Shutdown extends Thread
- {
- public void run()
- {
- log.info("Shutting down");
- deployer.shutdown();
- }
- }
-}
Deleted: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/Server.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/Server.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/Server.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -1,81 +0,0 @@
-/******************************************************************************
- * JBoss, a division of Red Hat *
- * Copyright 2006, Red Hat Middleware, LLC, and individual *
- * contributors as indicated by the @authors tag. See the *
- * copyright.txt in the distribution for a full listing of *
- * individual contributors. *
- * *
- * This is free software; you can redistribute it and/or modify it *
- * under the terms of the GNU Lesser General Public License as *
- * published by the Free Software Foundation; either version 2.1 of *
- * the License, or (at your option) any later version. *
- * *
- * This software is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
- * Lesser General Public License for more details. *
- * *
- * You should have received a copy of the GNU Lesser General Public *
- * License along with this software; if not, write to the Free *
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
- ******************************************************************************/
-package org.jboss.security.authz.policy.server;
-
-import java.net.URL;
-
-import org.apache.log4j.Logger;
-
-import org.jboss.kernel.Kernel;
-import org.jboss.kernel.spi.dependency.KernelController;
-import org.jboss.dependency.spi.ControllerContext;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- *
- */
-public final class Server
-{
- private static Logger log = Logger.getLogger(Server.class);
-
- private static Kernel kernel;
-
- public Server()
- {
-
- }
-
- public static void bootstrap()
- {
- try
- {
- EmbeddedBootstrap bootstrap = new EmbeddedBootstrap();
- bootstrap.run();
-
- URL url = Thread.currentThread().getContextClassLoader().getResource("META-INF/jboss-beans.xml");
-
- bootstrap.deploy(url);
-
- kernel = bootstrap.getKernel();
- }
- catch(Exception e)
- {
- log.error("org.jboss.security.authz.policy.server.Server", e);
- throw new RuntimeException(e);
- }
- }
-
- public static Object lookup(String serviceId)
- {
- Object service = null;
-
- KernelController kernelController = kernel.getController();
- ControllerContext controllerContext = kernelController.getInstalledContext(serviceId);
- if(controllerContext != null)
- {
- service = controllerContext.getTarget();
- }
-
- return service;
- }
-}
Modified: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java 2009-07-12 17:28:57 UTC (rev 13548)
@@ -35,7 +35,7 @@
import org.drools.WorkingMemory;
import org.drools.StatefulSession;
-import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.xacml.interfaces.XACMLConstants;
import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
@@ -120,7 +120,7 @@
log.debug("Firing Rule ="+reference.getVariableId());
//Establish a Stateful Drools Session
- DroolsRuleManager ruleManager = (DroolsRuleManager)Server.lookup("/policy-server/DroolsRuleManager");
+ DroolsRuleManager ruleManager = (DroolsRuleManager)ServiceContainer.lookup("/policy-server/DroolsRuleManager");
RuleBase ruleBase = ruleManager.getActiveRuleBase();
WorkingMemory workingMemory = ruleBase.newStatefulSession();
@@ -154,6 +154,9 @@
}
catch(Exception e)
{
+ log.error(this, e);
+
+
List code = new ArrayList();
code.add(Status.STATUS_PROCESSING_ERROR);
Status status = new Status(code, e.toString()+": "+e.getMessage());
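Review bot: The catch block still copies the exception into the status handed back to the caller, `new Status(code, e.toString()+": "+e.getMessage())`, which prints the message twice (toString() already contains it) and exposes internal class names and rule-engine detail in the decision response. Now that the added `log.error(this, e)` keeps the full stack trace on the server, the status could carry a fixed text instead, e.g. `new Status(code, "Rule evaluation failed")`. The log call would also be easier to search with a descriptive first argument rather than `this`, e.g. `log.error("Drools rule evaluation failed", e);`. The enclosing method starts and ends outside the hunk, so it is worth confirming that a STATUS_PROCESSING_ERROR result can never be treated as a permit by the caller.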
Modified: modules/authorization/trunk/portal-profile/pom.xml
===================================================================
--- modules/authorization/trunk/portal-profile/pom.xml 2009-07-11 19:55:21 UTC (rev 13547)
+++ modules/authorization/trunk/portal-profile/pom.xml 2009-07-12 17:28:57 UTC (rev 13548)
@@ -38,12 +38,7 @@
<artifactId>jboss-xacml</artifactId>
<scope>test</scope>
</dependency>
- <!-- jboss microcontainer -->
- <dependency>
- <groupId>org.jboss.microcontainer</groupId>
- <artifactId>jboss-kernel</artifactId>
- <scope>test</scope>
- </dependency>
+
<!-- Drools -->
<dependency>
<groupId>org.drools</groupId>
JBoss Portal SVN: r13547 - in modules/authorization/trunk: core-components-api/src/main/java/org/jboss/security/authz/components/subject and 2 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-11 15:55:21 -0400 (Sat, 11 Jul 2009)
New Revision: 13547
Modified:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java
modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
Log:
testsuite refactoring
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java 2009-07-11 18:17:51 UTC (rev 13546)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java 2009-07-11 19:55:21 UTC (rev 13547)
@@ -75,7 +75,7 @@
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------
public EnforcementResponse checkAccess(EnforcementContext enforcementContext) throws EnforcementException
{
- /*if(enforcementContext == null)
+ if(enforcementContext == null)
{
throw new IllegalArgumentException("Enforcement Context is Null");
}
@@ -94,11 +94,10 @@
{
log.error(this, pe);
throw new EnforcementException(pe);
- }*/
- return null;
+ }
}
//-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
- /*private Request generateEnforcementRequest(EnforcementContext enforcementContext)
+ private Request generateEnforcementRequest(EnforcementContext enforcementContext)
{
Request request = new Request();
@@ -136,5 +135,5 @@
}
return request;
- }*/
+ }
}
Modified: modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java
===================================================================
--- modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java 2009-07-11 18:17:51 UTC (rev 13546)
+++ modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java 2009-07-11 19:55:21 UTC (rev 13547)
@@ -141,7 +141,7 @@
String ruleLogic = MessageFormat.format(Roles.allowRule,
ruleReference, condition.substring(0, condition.length()-2).trim());
- return new String[]{ruleReference, buffer.toString()};
+ return new String[]{ruleReference, ruleLogic};
}
/**
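Review bot: `condition.substring(0, condition.length()-2)` on the line above the fix throws StringIndexOutOfBoundsException when `condition` is shorter than two characters, which presumably happens when no role names were added (the code that builds `condition` is outside the hunk). Since the returned `ruleLogic` is now what actually becomes the allow rule, an empty role set deserves an explicit, documented outcome, e.g. `if (condition.length() < 2) throw new IllegalStateException("no role names configured");` before the format call. The same applies to the deny-rule hunk at -165. If `buffer` is no longer read after this change, it can be dropped from both methods.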
@@ -165,6 +165,6 @@
String ruleLogic = MessageFormat.format(Roles.denyRule,
ruleReference, condition.substring(0, condition.length()-2).trim());
- return new String[]{ruleReference, buffer.toString()};
+ return new String[]{ruleReference, ruleLogic};
}
}
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-11 18:17:51 UTC (rev 13546)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-11 19:55:21 UTC (rev 13547)
@@ -27,8 +27,8 @@
import junit.framework.TestCase;
+import org.jboss.security.authz.http.component.resource.HttpResource;
import org.jboss.security.authz.http.component.action.Get;
-import org.jboss.security.authz.http.component.resource.HttpResource;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.model.Effect;
@@ -37,6 +37,8 @@
import org.jboss.security.authz.agent.Agent;
import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.agent.services.PolicyComposer;
import org.jboss.security.authz.agent.services.CompositionContext;
@@ -92,7 +94,7 @@
//SetUp a Contextual HttpResource component representing an incoming request that needs authorization
//where access should be granted
- /*HttpResource permit = new HttpResource();
+ HttpResource permit = new HttpResource();
permit.setUri(new URI("/prefix/url/index.html"));
for(int i=0; i<5; i++)
{
@@ -113,10 +115,10 @@
}
//Access Granted Enforcement
- this.enforce(this.createRequest(permit), true);
+ this.enforce(this.createEnforcementContext(permit), true);
//Access Denied Enforcement
- this.enforce(this.createRequest(deny), false);*/
+ this.enforce(this.createEnforcementContext(deny), false);
}
/*public void testMatchContextSubset() throws Exception
@@ -156,13 +158,12 @@
//Access Denied Enforcement......In fact in the case where the Context carries a Subset of the parameters expected by the policy
//It will always result in a Deny since it will never fulfill the match expected by the policy
this.enforce(this.createRequest(deny), false);
- }
+ }*/
//-----------------------------------------------------------------------------------------------------------------------------------------------------
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
+ private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted) throws Exception
+ {
+ EnforcementResponse response = this.enforcer.checkAccess(enforcementContext);
- Response response = this.enforcer.checkAccess(request);
-
assertNotNull(response);
log.info("-----------------------------------");
log.info("Decision="+response.getMessage());
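Review bot: `testMatchContextSubset` stays disabled after this change, since the hunk only moves the closing `}*/` up so that `enforce` compiles again. That leaves the case its own comment describes, a context carrying only a subset of the expected parameters must always be denied, without any coverage. Its body still calls `this.createRequest(deny)`, which the next hunk replaces with `createEnforcementContext`, so it cannot simply be un-commented later. I would port it in this commit with `this.enforce(this.createEnforcementContext(deny), false);`, or at least add `//TODO: port to EnforcementContext` next to the block so the missing deny test is tracked.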
@@ -177,22 +178,22 @@
}
}
- private Request createRequest(HttpResource contextResource) throws Exception
+ private EnforcementContext createEnforcementContext(HttpResource protectedResource) throws Exception
{
- //Create a RequestType
- Request request = new Request();
-
- //Create Subjects
- Roles roles = new Roles();
- roles.addName("Admin");
- request.addSubject(roles.getSubject());
-
- //Create Resource
- request.addResource(contextResource.getResource());
-
- //Create Action
- request.setAction(new Read().getAction());
-
- return request;
- }*/
+ // Create an EnforcementContext
+ EnforcementContext context = new EnforcementContext();
+
+ //Resource being accessed
+ context.setAttribute("http-resource", protectedResource);
+
+ //Subject who are authenticated
+ Roles roles = new Roles();
+ roles.addName("Admin");
+ context.setAttribute("roles", roles);
+
+ //Action being performed
+ context.setAttribute("http-get", new Get());
+
+ return context;
+ }
}
Modified: modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
===================================================================
--- modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-07-11 18:17:51 UTC (rev 13546)
+++ modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-07-11 19:55:21 UTC (rev 13547)
@@ -16,6 +16,7 @@
</bean>
<bean name="/policy-server/PolicyDecisionPoint" class="org.jboss.security.authz.policy.server.decision.PolicyDecisionPoint">
+ <property name="debug">true</property>
</bean>
<bean name="/policy-server/PolicyDeployer" class="org.jboss.security.authz.policy.server.provisioning.PolicyDeployer">
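Review bot: `<property name="debug">true</property>` is added to the PolicyDecisionPoint bean in `src/main/resources`, so it ships with the policy server rather than applying only to the test suite this commit says it refactors. What the flag does is not visible here, but on a decision point it presumably turns on request and policy dumps, which can put subjects, resources and policy text into the logs. I would keep the shipped default at `false` and enable it from a test-scoped `jboss-beans.xml`, or add a comment stating what `debug` emits and that it must be off in production.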
JBoss Portal SVN: r13545 - in modules/authorization/trunk: agent/src/test/java/org/jboss/security/authz/agent/features and 1 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-11 14:15:40 -0400 (Sat, 11 Jul 2009)
New Revision: 13545
Added:
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java
Removed:
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java
Log:
testsuite refactoring
Copied: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java (from rev 13544, modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java)
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java (rev 0)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java 2009-07-11 18:15:40 UTC (rev 13545)
@@ -0,0 +1,253 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.features;
+
+import java.net.URI;
+
+import junit.framework.TestCase;
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyMetaData;
+import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.policy.client.enforcement.Request;
+import org.jboss.security.authz.policy.client.enforcement.Response;
+import org.jboss.security.authz.policy.server.Server;
+
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.components.resource.URIResource;
+import org.jboss.security.authz.components.subject.Roles;
+import org.jboss.security.authz.components.action.Read;
+
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class TestHierarchialPropagation extends TestCase
+{
+ private static Logger log = Logger.getLogger(TestHierarchialPropagation.class);
+
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
+
+ public void setUp() throws Exception
+ {
+ Server.bootstrap();
+ this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ }
+
+ public void tearDown() throws Exception
+ {
+ }
+
+ //TODO: Rewrite these tests with the new Developer Framework
+ /*public void testExplicitPermit() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root/level1/level2/index.html"));
+ resource.setOperation(new Read());
+ resource.addAllowed("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Read());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), true);
+ }
+
+ public void testExplicitDeny() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root/level1/level2/index.html"));
+ resource.setOperation(new Read());
+ resource.addDenied("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+ this.assertServerState();
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Read());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), false);
+ }
+
+ public void testPermitInheritance() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root/level1"));
+ resource.setOperation(new Read());
+ resource.addAllowed("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Read());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), true);
+ }
+
+ public void testDenyInheritance() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root/level1"));
+ resource.setOperation(new Read());
+ resource.addDenied("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Read());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), false);
+ }
+
+ public void testDenyOverridesPermitInheritance() throws Exception
+ {
+ //SetUp Permit policy
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root/level1"));
+ resource.setOperation(new Read());
+ resource.addAllowed("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Setup denied policy
+ resource = new URIResource();
+ resource.setUri(new URI("/root/level1/level2"));
+ resource.setOperation(new Read());
+ resource.addDenied("user");
+
+ //Provision the new policy
+ metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Read());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), false);
+ }
+
+ public void testNotApplicable() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root2"));
+ resource.setOperation(new Read());
+ resource.addAllowed("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Read());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), false);
+ }
+ //------------------------------------------------------------------------------------------------------------------------------------------------------
+ private Request createRequest(URIResource uriResource) throws Exception
+ {
+ //Create a RequestType
+ Request request = new Request();
+
+ //Enable Hierarchial Enforcement
+ request.setActivateHierarchialEnforcement(true);
+
+ //Create Resource
+ Resource urlResource = uriResource.getResource();
+ request.addResource(urlResource);
+
+ //Create Subjects
+ Roles roles = new Roles();
+ roles.addName("user");
+ request.addSubject(roles.getSubject());
+
+ //Create Action
+ request.setAction(uriResource.getOperation().getAction());
+
+ return request;
+ }
+
+ private void enforce(Request request, boolean mustBePermitted) throws Exception
+ {
+
+ Response response = this.enforcer.checkAccess(request);
+
+ assertNotNull(response);
+ log.info("-----------------------------------");
+ log.info("Decision="+response.getMessage());
+
+ if(mustBePermitted)
+ {
+ assertTrue("Access must be granted!!!", response.isAccessGranted());
+ }
+ else
+ {
+ assertFalse("Access must be denied!!!", response.isAccessGranted());
+ }
+ }
+
+ private void assertServerState() throws Exception
+ {
+ //Assert Policy State of the Server
+ Policy[] policies = this.provisioner.readAllPolicies();
+
+ assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
+ log.info("------------------------------------------------------------------------------");
+ log.info(policies[0].generateSystemPolicy());
+ }*/
+}
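Review bot: Every test method in this copied class sits inside one `/* ... */` block, so the class contributes only `setUp` and an empty `tearDown`. That leaves the hierarchical permit/deny inheritance cases, including `testDenyOverridesPermitInheritance` and `testNotApplicable`, unexercised. Depending on the runner, a JUnit 3 `TestCase` without test methods either fails with a "No tests found" warning or passes vacuously, and neither result says anything about enforcement. `setUp` also still bootstraps `Server` and looks up two services that nothing uses. I would keep at least one deny case running against the current API, or replace the `//TODO` with a comment naming the disabled cases so the gap in deny-overrides coverage is visible until they are rewritten.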
Property changes on: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java (from rev 13544, modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java)
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java (rev 0)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java 2009-07-11 18:15:40 UTC (rev 13545)
@@ -0,0 +1,170 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.features;
+
+import java.net.URI;
+
+import junit.framework.TestCase;
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyMetaData;
+import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.policy.client.enforcement.Request;
+import org.jboss.security.authz.policy.client.enforcement.Response;
+import org.jboss.security.authz.policy.server.Server;
+
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.components.resource.URIResource;
+import org.jboss.security.authz.components.subject.Roles;
+import org.jboss.security.authz.components.action.Operation;
+import org.jboss.security.authz.components.action.Read;
+import org.jboss.security.authz.components.action.Write;
+import org.jboss.security.authz.components.action.Manage;
+
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class TestImpliedActions extends TestCase
+{
+ private static Logger log = Logger.getLogger(TestImpliedActions.class);
+
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
+
+ public void setUp() throws Exception
+ {
+ Server.bootstrap();
+ this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ }
+
+ public void tearDown() throws Exception
+ {
+ }
+
+ //TODO: Rewrite these tests with the new Developer Framework
+ /*public void testReadImpliedWithWrite() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/blah/index.html"));
+ resource.setOperation(new Write());
+ resource.addAllowed("user");
+
+
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+
+ this.provisioner.newPolicy(metadata);
+ this.assertServerState();
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ this.enforce(this.createRequest(resource, new Read()), true);
+ }
+
+ public void testWriteImpliedWithManage() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/blah/index.html"));
+ resource.setOperation(new Manage());
+ resource.addAllowed("user");
+
+
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+
+ this.provisioner.newPolicy(metadata);
+ this.assertServerState();
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ this.enforce(this.createRequest(resource, new Write()), true);
+ }
+
+ public void testWriteNotImpliedWithRead() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/blah/index.html"));
+ resource.setOperation(new Read());
+ resource.addAllowed("user");
+
+
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+
+ this.provisioner.newPolicy(metadata);
+ this.assertServerState();
+
+ //Go ahead and produce a RequestContext for a "Deny" Enforcement
+ this.enforce(this.createRequest(resource, new Write()), false);
+ }
+ //------------------------------------------------------------------------------------------------------------------------------------------------------
+ private Request createRequest(URIResource uriResource, Operation operation) throws Exception
+ {
+ //Create a RequestType
+ Request request = new Request();
+
+ //Create Resource
+ Resource urlResource = uriResource.getResource();
+ request.addResource(urlResource);
+
+ //Create Subjects
+ Roles roles = new Roles();
+ roles.addName("user");
+ request.addSubject(roles.getSubject());
+
+ //Create Action
+ request.setAction(operation.getAction());
+
+ return request;
+ }
+
+ private void enforce(Request request, boolean mustBePermitted) throws Exception
+ {
+
+ Response response = this.enforcer.checkAccess(request);
+
+ assertNotNull(response);
+ log.info("-----------------------------------");
+ log.info("Decision="+response.getMessage());
+
+ if(mustBePermitted)
+ {
+ assertTrue("Access must be granted!!!", response.isAccessGranted());
+ }
+ else
+ {
+ assertFalse("Access must be denied!!!", response.isAccessGranted());
+ }
+ }
+
+ private void assertServerState() throws Exception
+ {
+ //Assert Policy State of the Server
+ Policy[] policies = this.provisioner.readAllPolicies();
+
+ assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
+ log.info("------------------------------------------------------------------------------");
+ log.info(policies[0].generateSystemPolicy());
+ }*/
+}
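Review bot: Every test method in TestImpliedActions sits inside the block comment that opens at `/*public void testReadImpliedWithWrite()` and closes after `assertServerState()`, so the copied class only runs `setUp()`/`tearDown()` and verifies nothing, including the deny case `testWriteNotImpliedWithRead` that checks Read does not imply Write. A JUnit 3 `TestCase` with no `test*` methods is normally reported as "No tests found", so depending on the runner this either fails the build or passes with zero coverage of the enforcement decision. The same applies to the TestImpliesHierarchialPropagation and TestPolicyServer hunks that follow. I would make the gap explicit next to the existing TODO, e.g. `//TODO(<tracking issue>): deny-path tests disabled; re-enable before relying on implied-action enforcement`, and drop the imports that only the commented-out code uses.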
Property changes on: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java (from rev 13544, modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java)
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java (rev 0)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java 2009-07-11 18:15:40 UTC (rev 13545)
@@ -0,0 +1,234 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.features;
+
+import java.net.URI;
+
+import junit.framework.TestCase;
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyMetaData;
+import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.policy.client.enforcement.Request;
+import org.jboss.security.authz.policy.client.enforcement.Response;
+import org.jboss.security.authz.policy.server.Server;
+
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.components.resource.URIResource;
+import org.jboss.security.authz.components.subject.Roles;
+import org.jboss.security.authz.components.action.Read;
+import org.jboss.security.authz.components.action.Write;
+import org.jboss.security.authz.components.action.Manage;
+
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class TestImpliesHierarchialPropagation extends TestCase
+{
+ private static Logger log = Logger.getLogger(TestImpliesHierarchialPropagation.class);
+
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
+
+ public void setUp() throws Exception
+ {
+ Server.bootstrap();
+ this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ }
+
+ public void tearDown() throws Exception
+ {
+ }
+
+ //TODO: Rewrite these tests with the new Developer Framework
+ /*public void testExplicitPermitReadImpliedWithWrite() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root/level1/level2/index.html"));
+ resource.setOperation(new Write());
+ resource.addAllowed("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Read());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), true);
+ }
+
+ public void testExplicitDenyWriteNotImpliedWithRead() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root/level1/level2/index.html"));
+ resource.setOperation(new Read());
+ resource.addAllowed("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Write());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), false);
+ }
+
+ public void testPermitInheritanceWriteImpliedWithManage() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root/level1"));
+ resource.setOperation(new Manage());
+ resource.addAllowed("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Write());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), true);
+ }
+
+ public void testDenyInheritanceManageNotImpliedWithWrite() throws Exception
+ {
+ //SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root/level1"));
+ resource.setOperation(new Write());
+ resource.addAllowed("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Manage());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), false);
+ }
+
+ public void testDenyOverridesPermitInheritance() throws Exception
+ {
+ //SetUp Permit policy...User can write to level1
+ URIResource resource = new URIResource();
+ resource.setUri(new URI("/root/level1"));
+ resource.setOperation(new Write());
+ resource.addAllowed("user");
+
+ //Provision the new policy
+ PolicyMetaData metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Setup denied policy....User can only read level2
+ resource = new URIResource();
+ resource.setUri(new URI("/root/level1/level2"));
+ resource.setOperation(new Read());
+ resource.addAllowed("user");
+
+ //Provision the new policy
+ metadata = resource.getPolicyMetaData();
+ this.provisioner.newPolicy(metadata);
+
+ //Go ahead and produce a RequestContext for a "Permit" Enforcement
+ //Trying to "Write" to level2 should be Denied
+ URIResource contextResource = new URIResource();
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
+ contextResource.setOperation(new Write());
+
+ //Perform enforcement
+ this.enforce(this.createRequest(contextResource), false);
+ }
+ //------------------------------------------------------------------------------------------------------------------------------------------------------
+ private Request createRequest(URIResource uriResource) throws Exception
+ {
+ //Create a RequestType
+ Request request = new Request();
+
+ //Enable Hierarchial Enforcement
+ request.setActivateHierarchialEnforcement(true);
+
+ //Create Resource
+ Resource urlResource = uriResource.getResource();
+ request.addResource(urlResource);
+
+ //Create Subjects
+ Roles roles = new Roles();
+ roles.addName("user");
+ request.addSubject(roles.getSubject());
+
+ //Create Action
+ request.setAction(uriResource.getOperation().getAction());
+
+ return request;
+ }
+
+ private void enforce(Request request, boolean mustBePermitted) throws Exception
+ {
+
+ Response response = this.enforcer.checkAccess(request);
+
+ assertNotNull(response);
+ log.info("-----------------------------------");
+ log.info("Decision="+response.getMessage());
+
+ if(mustBePermitted)
+ {
+ assertTrue("Access must be granted!!!", response.isAccessGranted());
+ }
+ else
+ {
+ assertFalse("Access must be denied!!!", response.isAccessGranted());
+ }
+ }
+
+ private void assertServerState() throws Exception
+ {
+ //Assert Policy State of the Server
+ Policy[] policies = this.provisioner.readAllPolicies();
+
+ assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
+ log.info("------------------------------------------------------------------------------");
+ log.info(policies[0].generateSystemPolicy());
+ }*/
+}
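Review bot: `tearDown()` is empty while `setUp()` calls `Server.bootstrap()`, and the commented-out tests all provision policies under `/root/level1`, so once they are re-enabled their permit and deny expectations depend on execution order unless `bootstrap()` resets the policy store (not visible in this hunk). With hierarchical enforcement switched on in `createRequest`, a policy left behind by one test could plausibly decide the outcome of the next, letting a permit test pass for the wrong reason or a deny test fail spuriously. I would record that in `tearDown()`, e.g. `//TODO: remove policies provisioned by the test so each case starts from an empty store`. Separately, the comment `//Go ahead and produce a RequestContext for a "Permit" Enforcement` precedes three tests that call `enforce(..., false)`; it should say "Deny" there. `assertServerState()` is also never called in this class.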
Property changes on: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java (from rev 13544, modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java)
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java (rev 0)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java 2009-07-11 18:15:40 UTC (rev 13545)
@@ -0,0 +1,68 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.features;
+
+import java.net.URI;
+import junit.framework.TestCase;
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.policy.server.Server;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class TestPolicyServer extends TestCase
+{
+ private static Logger log = Logger.getLogger(TestPolicyServer.class);
+
+ private PolicyProvisioner provisioner;
+
+
+ public void setUp() throws Exception
+ {
+ Server.bootstrap();
+ this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ }
+
+ public void tearDown() throws Exception
+ {
+ }
+
+ //TODO: Rewrite these tests with the new Developer Framework
+ /*public void testNewPolicy() throws Exception
+ {
+ HttpResource httpResource = new HttpResource();
+ httpResource.setUri(new URI("/blah/index.html"));
+ httpResource.addParameter("param1", "param1Value");
+
+ this.provisioner.newPolicy(httpResource.getPolicyMetaData());
+
+ //Assert Policy State of the Server
+ Policy[] policies = this.provisioner.readAllPolicies();
+
+ assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
+ log.info("------------------------------------------------------------------------------");
+ log.info(policies[0].generateSystemPolicy());
+ }*/
+}
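Review bot: The commented-out `testNewPolicy` builds an `HttpResource`, but this hunk imports no such type, so unless it lives in the same package the body cannot be re-enabled as written. Meanwhile `java.net.URI` and `org.jboss.security.authz.model.Policy` are imported only for that dead code. I would either delete the stale body or annotate it, e.g. `//TODO: testNewPolicy references HttpResource, which is not imported here; resolve before re-enabling`. Until then the class provisions and asserts nothing about the policy store.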
Property changes on: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java
___________________________________________________________________
Name: svn:mergeinfo
+
Deleted: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java 2009-07-11 18:09:49 UTC (rev 13544)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java 2009-07-11 18:15:40 UTC (rev 13545)
@@ -1,252 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authz.policy.server;
-
-import java.net.URI;
-
-import junit.framework.TestCase;
-import org.apache.log4j.Logger;
-
-import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.model.PolicyMetaData;
-import org.jboss.security.authz.model.Resource;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
-
-import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.components.resource.URIResource;
-import org.jboss.security.authz.components.subject.Roles;
-import org.jboss.security.authz.components.action.Read;
-
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class TestHierarchialPropagation extends TestCase
-{
- private static Logger log = Logger.getLogger(TestHierarchialPropagation.class);
-
- private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
-
- public void setUp() throws Exception
- {
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
- }
-
- public void tearDown() throws Exception
- {
- }
-
- //TODO: Rewrite these tests with the new Developer Framework
- /*public void testExplicitPermit() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2/index.html"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), true);
- }
-
- public void testExplicitDeny() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2/index.html"));
- resource.setOperation(new Read());
- resource.addDenied("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
- this.assertServerState();
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
- }
-
- public void testPermitInheritance() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), true);
- }
-
- public void testDenyInheritance() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Read());
- resource.addDenied("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
- }
-
- public void testDenyOverridesPermitInheritance() throws Exception
- {
- //SetUp Permit policy
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Setup denied policy
- resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2"));
- resource.setOperation(new Read());
- resource.addDenied("user");
-
- //Provision the new policy
- metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
- }
-
- public void testNotApplicable() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root2"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
- }
- //------------------------------------------------------------------------------------------------------------------------------------------------------
- private Request createRequest(URIResource uriResource) throws Exception
- {
- //Create a RequestType
- Request request = new Request();
-
- //Enable Hierarchial Enforcement
- request.setActivateHierarchialEnforcement(true);
-
- //Create Resource
- Resource urlResource = uriResource.getResource();
- request.addResource(urlResource);
-
- //Create Subjects
- Roles roles = new Roles();
- roles.addName("user");
- request.addSubject(roles.getSubject());
-
- //Create Action
- request.setAction(uriResource.getOperation().getAction());
-
- return request;
- }
-
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
-
- Response response = this.enforcer.checkAccess(request);
-
- assertNotNull(response);
- log.info("-----------------------------------");
- log.info("Decision="+response.getMessage());
-
- if(mustBePermitted)
- {
- assertTrue("Access must be granted!!!", response.isAccessGranted());
- }
- else
- {
- assertFalse("Access must be denied!!!", response.isAccessGranted());
- }
- }
-
- private void assertServerState() throws Exception
- {
- //Assert Policy State of the Server
- Policy[] policies = this.provisioner.readAllPolicies();
-
- assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
- log.info("------------------------------------------------------------------------------");
- log.info(policies[0].generateSystemPolicy());
- }*/
-}
Deleted: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java 2009-07-11 18:09:49 UTC (rev 13544)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java 2009-07-11 18:15:40 UTC (rev 13545)
@@ -1,169 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authz.policy.server;
-
-import java.net.URI;
-
-import junit.framework.TestCase;
-import org.apache.log4j.Logger;
-
-import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.model.PolicyMetaData;
-import org.jboss.security.authz.model.Resource;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
-
-import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.components.resource.URIResource;
-import org.jboss.security.authz.components.subject.Roles;
-import org.jboss.security.authz.components.action.Operation;
-import org.jboss.security.authz.components.action.Read;
-import org.jboss.security.authz.components.action.Write;
-import org.jboss.security.authz.components.action.Manage;
-
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class TestImpliedActions extends TestCase
-{
- private static Logger log = Logger.getLogger(TestImpliedActions.class);
-
- private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
-
- public void setUp() throws Exception
- {
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
- }
-
- public void tearDown() throws Exception
- {
- }
-
- //TODO: Rewrite these tests with the new Developer Framework
- /*public void testReadImpliedWithWrite() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/blah/index.html"));
- resource.setOperation(new Write());
- resource.addAllowed("user");
-
-
- PolicyMetaData metadata = resource.getPolicyMetaData();
-
- this.provisioner.newPolicy(metadata);
- this.assertServerState();
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- this.enforce(this.createRequest(resource, new Read()), true);
- }
-
- public void testWriteImpliedWithManage() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/blah/index.html"));
- resource.setOperation(new Manage());
- resource.addAllowed("user");
-
-
- PolicyMetaData metadata = resource.getPolicyMetaData();
-
- this.provisioner.newPolicy(metadata);
- this.assertServerState();
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- this.enforce(this.createRequest(resource, new Write()), true);
- }
-
- public void testWriteNotImpliedWithRead() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/blah/index.html"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
-
-
- PolicyMetaData metadata = resource.getPolicyMetaData();
-
- this.provisioner.newPolicy(metadata);
- this.assertServerState();
-
- //Go ahead and produce a RequestContext for a "Deny" Enforcement
- this.enforce(this.createRequest(resource, new Write()), false);
- }
- //------------------------------------------------------------------------------------------------------------------------------------------------------
- private Request createRequest(URIResource uriResource, Operation operation) throws Exception
- {
- //Create a RequestType
- Request request = new Request();
-
- //Create Resource
- Resource urlResource = uriResource.getResource();
- request.addResource(urlResource);
-
- //Create Subjects
- Roles roles = new Roles();
- roles.addName("user");
- request.addSubject(roles.getSubject());
-
- //Create Action
- request.setAction(operation.getAction());
-
- return request;
- }
-
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
-
- Response response = this.enforcer.checkAccess(request);
-
- assertNotNull(response);
- log.info("-----------------------------------");
- log.info("Decision="+response.getMessage());
-
- if(mustBePermitted)
- {
- assertTrue("Access must be granted!!!", response.isAccessGranted());
- }
- else
- {
- assertFalse("Access must be denied!!!", response.isAccessGranted());
- }
- }
-
- private void assertServerState() throws Exception
- {
- //Assert Policy State of the Server
- Policy[] policies = this.provisioner.readAllPolicies();
-
- assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
- log.info("------------------------------------------------------------------------------");
- log.info(policies[0].generateSystemPolicy());
- }*/
-}
Deleted: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java 2009-07-11 18:09:49 UTC (rev 13544)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java 2009-07-11 18:15:40 UTC (rev 13545)
@@ -1,233 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authz.policy.server;
-
-import java.net.URI;
-
-import junit.framework.TestCase;
-import org.apache.log4j.Logger;
-
-import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.model.PolicyMetaData;
-import org.jboss.security.authz.model.Resource;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
-
-import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.components.resource.URIResource;
-import org.jboss.security.authz.components.subject.Roles;
-import org.jboss.security.authz.components.action.Read;
-import org.jboss.security.authz.components.action.Write;
-import org.jboss.security.authz.components.action.Manage;
-
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class TestImpliesHierarchialPropagation extends TestCase
-{
- private static Logger log = Logger.getLogger(TestImpliesHierarchialPropagation.class);
-
- private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
-
- public void setUp() throws Exception
- {
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
- }
-
- public void tearDown() throws Exception
- {
- }
-
- //TODO: Rewrite these tests with the new Developer Framework
- /*public void testExplicitPermitReadImpliedWithWrite() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2/index.html"));
- resource.setOperation(new Write());
- resource.addAllowed("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), true);
- }
-
- public void testExplicitDenyWriteNotImpliedWithRead() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2/index.html"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Write());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
- }
-
- public void testPermitInheritanceWriteImpliedWithManage() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Manage());
- resource.addAllowed("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Write());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), true);
- }
-
- public void testDenyInheritanceManageNotImpliedWithWrite() throws Exception
- {
- //SetUp Resource
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Write());
- resource.addAllowed("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Manage());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
- }
-
- public void testDenyOverridesPermitInheritance() throws Exception
- {
- //SetUp Permit policy...User can write to level1
- URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Write());
- resource.addAllowed("user");
-
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Setup denied policy....User can only read level2
- resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
-
- //Provision the new policy
- metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
-
- //Go ahead and produce a RequestContext for a "Permit" Enforcement
- //Trying to "Write" to level2 should be Denied
- URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Write());
-
- //Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
- }
- //------------------------------------------------------------------------------------------------------------------------------------------------------
- private Request createRequest(URIResource uriResource) throws Exception
- {
- //Create a RequestType
- Request request = new Request();
-
- //Enable Hierarchial Enforcement
- request.setActivateHierarchialEnforcement(true);
-
- //Create Resource
- Resource urlResource = uriResource.getResource();
- request.addResource(urlResource);
-
- //Create Subjects
- Roles roles = new Roles();
- roles.addName("user");
- request.addSubject(roles.getSubject());
-
- //Create Action
- request.setAction(uriResource.getOperation().getAction());
-
- return request;
- }
-
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
-
- Response response = this.enforcer.checkAccess(request);
-
- assertNotNull(response);
- log.info("-----------------------------------");
- log.info("Decision="+response.getMessage());
-
- if(mustBePermitted)
- {
- assertTrue("Access must be granted!!!", response.isAccessGranted());
- }
- else
- {
- assertFalse("Access must be denied!!!", response.isAccessGranted());
- }
- }
-
- private void assertServerState() throws Exception
- {
- //Assert Policy State of the Server
- Policy[] policies = this.provisioner.readAllPolicies();
-
- assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
- log.info("------------------------------------------------------------------------------");
- log.info(policies[0].generateSystemPolicy());
- }*/
-}
Deleted: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java 2009-07-11 18:09:49 UTC (rev 13544)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java 2009-07-11 18:15:40 UTC (rev 13545)
@@ -1,67 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authz.policy.server;
-
-import java.net.URI;
-import junit.framework.TestCase;
-import org.apache.log4j.Logger;
-
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.model.Policy;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class TestPolicyServer extends TestCase
-{
- private static Logger log = Logger.getLogger(TestPolicyServer.class);
-
- private PolicyProvisioner provisioner;
-
-
- public void setUp() throws Exception
- {
- Server.bootstrap();
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
- }
-
- public void tearDown() throws Exception
- {
- }
-
- //TODO: Rewrite these tests with the new Developer Framework
- /*public void testNewPolicy() throws Exception
- {
- HttpResource httpResource = new HttpResource();
- httpResource.setUri(new URI("/blah/index.html"));
- httpResource.addParameter("param1", "param1Value");
-
- this.provisioner.newPolicy(httpResource.getPolicyMetaData());
-
- //Assert Policy State of the Server
- Policy[] policies = this.provisioner.readAllPolicies();
-
- assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
- log.info("------------------------------------------------------------------------------");
- log.info(policies[0].generateSystemPolicy());
- }*/
-}
JBoss Portal SVN: r13544 - in modules/authorization/trunk: http-profile/src/test/java/org/jboss/security/authz/http/components and 1 other directory.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-11 14:09:49 -0400 (Sat, 11 Jul 2009)
New Revision: 13544
Modified:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
Log:
establishing baseline before fixing the testsuite with the new framework
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java 2009-07-11 18:00:13 UTC (rev 13543)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java 2009-07-11 18:09:49 UTC (rev 13544)
@@ -54,10 +54,10 @@
throw new IllegalStateException("Policy Target is missing!!");
}
- /*if(policyRules == null || policyRules.isEmpty())
+ if(policyRules == null || policyRules.isEmpty())
{
throw new IllegalStateException("Policy Rule(s) are missing!!");
- }*/
+ }
Target target = policyTarget.compose();
Set<Rule> rules = new HashSet<Rule>();
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-11 18:00:13 UTC (rev 13543)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-11 18:09:49 UTC (rev 13544)
@@ -77,7 +77,7 @@
//Setup the Context for the Composition with these components
CompositionContext context = new CompositionContext();
context.setPolicyTarget(policyResource);
- //context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
//Store the policy into the Policy Server
PolicyMetaData policyMetaData = this.policyComposer.compose(context);
JBoss Portal SVN: r13543 - in modules/authorization/trunk: agent/src/main/java/org/jboss/security/authz/agent/enforcement and 7 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-11 14:00:13 -0400 (Sat, 11 Jul 2009)
New Revision: 13543
Removed:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/EnforcementException.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/LocalEnforcementPoint.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/PolicyEnforcementPoint.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/provisioning/
Modified:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/Agent.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/LocalPolicyProvisioner.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java
modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
Log:
refactoring clear separation between an application agent and the policy server
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/Agent.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/Agent.java 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/Agent.java 2009-07-11 18:00:13 UTC (rev 13543)
@@ -23,6 +23,7 @@
package org.jboss.security.authz.agent;
import java.net.URL;
+import java.util.Enumeration;
import org.apache.log4j.Logger;
@@ -52,10 +53,14 @@
EmbeddedBootstrap bootstrap = new EmbeddedBootstrap();
bootstrap.run();
- URL url = Thread.currentThread().getContextClassLoader().getResource("META-INF/jboss-beans.xml");
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ Enumeration e = cl.getResources("META-INF/jboss-beans.xml");
+ while(e.hasMoreElements())
+ {
+ URL url = (URL)e.nextElement();
+ bootstrap.deploy(url);
+ }
- bootstrap.deploy(url);
-
kernel = bootstrap.getKernel();
}
catch(Exception e)
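Review bot: The new loop deploys every `META-INF/jboss-beans.xml` that the context class loader can see, so any jar on the class path can contribute bean definitions to the kernel that hosts the enforcement point and the policy server, in an order that depends on the class path. Consider logging each descriptor as it is deployed, e.g. `log.info("Deploying " + url);` (assuming the class has a logger field, which is not visible here), so that an unexpected descriptor shows up in the startup log. The raw `Enumeration` could be declared as `Enumeration<URL> e = cl.getResources("META-INF/jboss-beans.xml");`, which removes the cast on `nextElement()`. The enclosing method starts and ends outside the hunk.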
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java 2009-07-11 18:00:13 UTC (rev 13543)
@@ -22,6 +22,7 @@
package org.jboss.security.authz.agent.enforcement;
import java.io.Serializable;
+import java.util.Set;
import java.util.Map;
import java.util.HashMap;
@@ -47,6 +48,16 @@
this.attributes.put(name, attribute);
}
+ public Set<String> getNames()
+ {
+ return this.attributes.keySet();
+ }
+
+ public Object[] getValues()
+ {
+ return this.attributes.values().toArray();
+ }
+
public void clear(String name)
{
this.attributes.remove(name);
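Review bot: `getNames()` returns `this.attributes.keySet()`, which is a live view of the internal map, so a caller can remove attributes from the enforcement context through the returned set without going through `clear(name)`. Return a read-only view instead, `return Collections.unmodifiableSet(this.attributes.keySet());`, with `import java.util.Collections;` added next to the other `java.util` imports. `getValues()` already hands out a fresh array via `toArray()`, although the attribute objects in it are still shared. Both new accessors would also benefit from a one-line Javadoc stating what the names and values represent.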
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java 2009-07-11 18:00:13 UTC (rev 13543)
@@ -23,6 +23,13 @@
import org.apache.log4j.Logger;
+import org.jboss.security.authz.model.AbstractContextObject;
+import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.model.Subject;
+import org.jboss.security.authz.model.Action;
+import org.jboss.security.authz.model.Environment;
+import org.jboss.security.authz.agent.services.EnforcementStateGenerator;
+
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
import org.jboss.security.authz.policy.server.PolicyServer;
@@ -39,20 +46,13 @@
private static Logger log = Logger.getLogger(LocalEnforcementPoint.class);
private PolicyServer policyServer;
+ private EnforcementStateGenerator stateGenerator;
public LocalEnforcementPoint()
{
}
-
- public void start()
- {
- }
-
- public void stop()
- {
- }
-
+
public PolicyServer getPolicyServer()
{
return policyServer;
@@ -62,13 +62,33 @@
{
this.policyServer = policyServer;
}
+
+ public EnforcementStateGenerator getStateGenerator()
+ {
+ return stateGenerator;
+ }
+
+ public void setStateGenerator(EnforcementStateGenerator stateGenerator)
+ {
+ this.stateGenerator = stateGenerator;
+ }
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------
public EnforcementResponse checkAccess(EnforcementContext enforcementContext) throws EnforcementException
{
- /*try
+ /*if(enforcementContext == null)
{
+ throw new IllegalArgumentException("Enforcement Context is Null");
+ }
+ try
+ {
- return this.policyServer.evaluate(request);
+ Response response = this.policyServer.evaluate(this.generateEnforcementRequest(enforcementContext));
+
+ EnforcementResponse enforcementResponse = new EnforcementResponse();
+ enforcementResponse.setAccessGranted(response.isAccessGranted());
+ enforcementResponse.setMessage(response.getMessage());
+
+ return enforcementResponse;
}
catch(PolicyServerException pe)
{
@@ -77,4 +97,44 @@
}*/
return null;
}
+ //-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ /*private Request generateEnforcementRequest(EnforcementContext enforcementContext)
+ {
+ Request request = new Request();
+
+ Object[] components = enforcementContext.getValues();
+ for(Object component: components)
+ {
+ AbstractContextObject[] securityContextObjects = this.stateGenerator.generate(component);
+ for(AbstractContextObject securityContextObject: securityContextObjects)
+ {
+ if(securityContextObject instanceof Resource)
+ {
+ request.addResource((Resource)securityContextObject);
+ }
+ else if(securityContextObject instanceof Subject)
+ {
+ request.addSubject((Subject)securityContextObject);
+ }
+ else if(securityContextObject instanceof Action)
+ {
+ if(request.getAction() != null)
+ {
+ throw new IllegalArgumentException("Invalid Enforcement Context. Only a single instance of an Action component is allowed.");
+ }
+ request.setAction((Action)securityContextObject);
+ }
+ else if(securityContextObject instanceof Environment)
+ {
+ if(request.getEnvironment() != null)
+ {
+ throw new IllegalArgumentException("Invalid Enforcement Context. Only a single instance of an Environment component is allowed.");
+ }
+ request.setEnvironment((Environment)securityContextObject);
+ }
+ }
+ }
+
+ return request;
+ }*/
}
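Review bot: `checkAccess` still ends in `return null;` at the top of this hunk, because the evaluation code added in the preceding hunk and the `generateEnforcementRequest` helper added here are both wrapped in `/* */`. A caller that receives null from an enforcement point either fails with a NullPointerException or may treat the missing response as the absence of a denial, so until the body is enabled it is safer to fail closed with `throw new EnforcementException("checkAccess is not implemented yet");` (assuming the agent-side exception has a String constructor, which is not visible here). When the helper is enabled, add a final `else` that rejects context objects of an unrecognised type, so that a component cannot be dropped silently from the request before it is evaluated.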
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/LocalPolicyProvisioner.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/LocalPolicyProvisioner.java 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/LocalPolicyProvisioner.java 2009-07-11 18:00:13 UTC (rev 13543)
@@ -42,17 +42,7 @@
public LocalPolicyProvisioner()
{
}
-
- public void start()
- {
- }
-
- public void stop()
- {
-
- }
-
public PolicyServer getPolicyServer()
{
return policyServer;
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java 2009-07-11 18:00:13 UTC (rev 13543)
@@ -46,12 +46,17 @@
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*/
-class EnforcementStateGenerator
+public class EnforcementStateGenerator
{
private static Logger log = Logger.getLogger(EnforcementStateGenerator.class);
- AbstractContextObject[] generate(Object component)
+ public EnforcementStateGenerator()
{
+
+ }
+ //----------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public AbstractContextObject[] generate(Object component)
+ {
try
{
AbstractContextObject[] enforcementState = null;
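Review bot: `generate(Object component)` becomes public API here without Javadoc, and the first visible line of its body initialises `enforcementState` to null, so a caller cannot tell whether a null array can come back. Document the contract on the method, for example `/** Maps an application component to its security context objects; returns an empty array, never null, when nothing applies. */`, and make the implementation match it. The body of `generate` continues outside the hunk, so whether null is actually returned cannot be confirmed from here. The explicit empty public constructor adds nothing over the default one.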
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java 2009-07-11 18:00:13 UTC (rev 13543)
@@ -24,6 +24,8 @@
import java.util.Set;
import java.util.HashSet;
+import org.apache.log4j.Logger;
+
import org.jboss.security.authz.model.Target;
import org.jboss.security.authz.model.Rule;
import org.jboss.security.authz.model.PolicyMetaData;
@@ -33,11 +35,13 @@
*/
public class PolicyComposer
{
+ private static Logger log = Logger.getLogger(PolicyComposer.class);
+
public PolicyComposer()
{
- }
-
+ }
+ //-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
public PolicyMetaData compose(CompositionContext context)
{
PolicyMetaData policyMetaData = null;
@@ -50,10 +54,10 @@
throw new IllegalStateException("Policy Target is missing!!");
}
- if(policyRules == null || policyRules.isEmpty())
+ /*if(policyRules == null || policyRules.isEmpty())
{
throw new IllegalStateException("Policy Rule(s) are missing!!");
- }
+ }*/
Target target = policyTarget.compose();
Set<Rule> rules = new HashSet<Rule>();
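Review bot: Commenting out the `policyRules == null || policyRules.isEmpty()` check lets `compose` build policy metadata that has a target but no rules, apparently so that the test in this commit, whose `addPolicyRule` call is also commented out, can run. Validation in main code should not be relaxed to suit an unfinished test; keep the guard and give the test a rule instead, `context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");`. r13544, shown earlier on this page, restores the check; a test that calls `compose` on a context without rules and expects `IllegalStateException` would keep it from being dropped again. The body of `compose` continues outside the hunk.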
Modified: modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml
===================================================================
--- modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml 2009-07-11 18:00:13 UTC (rev 13543)
@@ -6,6 +6,22 @@
<bean name="/agent/PolicyComposer" class="org.jboss.security.authz.agent.services.PolicyComposer">
</bean>
- <bean name="/agent/PolicyEnforcementPoint" class="org.jboss.security.authz.agent.services.PolicyEnforcementPoint">
+ <bean name="/agent/EnforcementStateGenerator" class="org.jboss.security.authz.agent.services.EnforcementStateGenerator">
+ </bean>
+
+ <bean name="/agent/LocalEnforcementPoint" class="org.jboss.security.authz.agent.enforcement.LocalEnforcementPoint">
+ <property name="policyServer">
+ <inject bean="/policy-server/PolicyServer"/>
+ </property>
+
+ <property name="stateGenerator">
+ <inject bean="/agent/EnforcementStateGenerator"/>
+ </property>
+ </bean>
+
+ <bean name="/agent/LocalPolicyProvisioner" class="org.jboss.security.authz.agent.provisioning.LocalPolicyProvisioner">
+ <property name="policyServer">
+ <inject bean="/policy-server/PolicyServer"/>
+ </property>
</bean>
</deployment>
\ No newline at end of file
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-11 18:00:13 UTC (rev 13543)
@@ -24,18 +24,22 @@
import java.net.URI;
import org.apache.log4j.Logger;
-import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.components.action.Read;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.authz.http.component.action.Get;
+import org.jboss.security.authz.http.component.resource.HttpResource;
import org.jboss.security.authz.components.subject.Roles;
-import org.jboss.security.authz.http.component.resource.HttpResource;
+import org.jboss.security.authz.model.Effect;
import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.model.PolicyMetaData;
-import junit.framework.TestCase;
+import org.jboss.security.authz.agent.Agent;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.services.PolicyComposer;
+import org.jboss.security.authz.agent.services.CompositionContext;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -44,29 +48,40 @@
{
private static Logger log = Logger.getLogger(TestParameterMatching.class);
+ private PolicyComposer policyComposer;
private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
+ private PolicyProvisioner provisioner;
public void setUp() throws Exception
{
- Server.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ Agent.bootstrap();
+
+ this.policyComposer = (PolicyComposer)Agent.lookup("/agent/PolicyComposer");
+ this.enforcer = (PolicyEnforcementPoint)Agent.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)Agent.lookup("/agent/LocalPolicyProvisioner");
}
//TODO: migrate to the new developer framework
- /*public void testMatchContextSuperset() throws Exception
+ public void testMatchContextSuperset() throws Exception
{
//SetUp HttpResource component to generate/store a policy
HttpResource policyResource = new HttpResource();
- policyResource.setUri(new URI("/prefix/url/*"));
- policyResource.addAllowed("Admin");
+ policyResource.setUri(new URI("/prefix/url/*"));
policyResource.addParameter("p1", "p1Val");
policyResource.addParameter("p2", "p2Val");
+
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("Admin");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(policyResource);
+ //context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
//Store the policy into the Policy Server
- this.provisioner.newPolicy(policyResource.getPolicyMetaData());
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
//Assert Policy State of the Server
Policy[] policies = this.provisioner.readAllPolicies();
@@ -77,7 +92,7 @@
//SetUp a Contextual HttpResource component representing an incoming request that needs authorization
//where access should be granted
- HttpResource permit = new HttpResource();
+ /*HttpResource permit = new HttpResource();
permit.setUri(new URI("/prefix/url/index.html"));
for(int i=0; i<5; i++)
{
@@ -101,10 +116,10 @@
this.enforce(this.createRequest(permit), true);
//Access Denied Enforcement
- this.enforce(this.createRequest(deny), false);
+ this.enforce(this.createRequest(deny), false);*/
}
- public void testMatchContextSubset() throws Exception
+ /*public void testMatchContextSubset() throws Exception
{
//SetUp HttpResource component to generate/store a policy
HttpResource policyResource = new HttpResource();
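Review bot: With the block comment opened in the previous hunk and closed here after `this.enforce(this.createRequest(deny), false);`, `testMatchContextSuperset` is enabled but no longer asserts any permit or deny decision; what remains visible only composes and stores a policy and reads the policy store back. A passing test with this name suggests that parameter matching is covered when it is not. Until the enforcement path is back, say so at the top of the method with `//TODO: permit/deny assertions are disabled until checkAccess is implemented`, or end the test with `fail("enforcement assertions not yet migrated");` so the gap stays visible in the test report.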
Deleted: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/EnforcementException.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/EnforcementException.java 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/EnforcementException.java 2009-07-11 18:00:13 UTC (rev 13543)
@@ -1,50 +0,0 @@
-/******************************************************************************
- * JBoss, a division of Red Hat *
- * Copyright 2006, Red Hat Middleware, LLC, and individual *
- * contributors as indicated by the @authors tag. See the *
- * copyright.txt in the distribution for a full listing of *
- * individual contributors. *
- * *
- * This is free software; you can redistribute it and/or modify it *
- * under the terms of the GNU Lesser General Public License as *
- * published by the Free Software Foundation; either version 2.1 of *
- * the License, or (at your option) any later version. *
- * *
- * This software is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
- * Lesser General Public License for more details. *
- * *
- * You should have received a copy of the GNU Lesser General Public *
- * License along with this software; if not, write to the Free *
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
- ******************************************************************************/
-package org.jboss.security.authz.policy.client.enforcement;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- *
- */
-public class EnforcementException extends Exception
-{
- public EnforcementException()
- {
- super();
- }
-
- public EnforcementException(String message, Throwable cause)
- {
- super(message, cause);
- }
-
- public EnforcementException(String message)
- {
- super(message);
- }
-
- public EnforcementException(Throwable cause)
- {
- super(cause);
- }
-}
Deleted: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/LocalEnforcementPoint.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/LocalEnforcementPoint.java 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/LocalEnforcementPoint.java 2009-07-11 18:00:13 UTC (rev 13543)
@@ -1,77 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authz.policy.client.enforcement;
-
-import org.apache.log4j.Logger;
-
-import org.jboss.security.authz.policy.server.PolicyServer;
-import org.jboss.security.authz.policy.server.PolicyServerException;
-
-/**
- * This Enforcement point integrates with the Policy Server inside the same VM. This provides the fastest enforcement option
- *
- *
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class LocalEnforcementPoint implements PolicyEnforcementPoint
-{
- private static Logger log = Logger.getLogger(LocalEnforcementPoint.class);
-
- private PolicyServer policyServer;
-
- public LocalEnforcementPoint()
- {
-
- }
-
- public void start()
- {
- }
-
- public void stop()
- {
- }
-
- public PolicyServer getPolicyServer()
- {
- return policyServer;
- }
-
- public void setPolicyServer(PolicyServer policyServer)
- {
- this.policyServer = policyServer;
- }
- //------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- public Response checkAccess(Request request) throws EnforcementException
- {
- try
- {
-
- return this.policyServer.evaluate(request);
- }
- catch(PolicyServerException pe)
- {
- log.error(this, pe);
- throw new EnforcementException(pe);
- }
- }
-}
Deleted: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/PolicyEnforcementPoint.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/PolicyEnforcementPoint.java 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/PolicyEnforcementPoint.java 2009-07-11 18:00:13 UTC (rev 13543)
@@ -1,43 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authz.policy.client.enforcement;
-
-/**
- * This component typically integrates natively with the application layer to receive Authorization Requests
- * It then processes the native request and routes it to the Policy Decision Point component of the Policy Server to get a decision whether the
- * Authorization should be granted or not or to do something else
- *
- * Sometimes, this component can just be a native stub that routes all requests over the network to the Policy Server, and sometimes this component can be co-located with the Policy Server
- *
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public interface PolicyEnforcementPoint
-{
- /**
- * Checks if Access should be granted for this particular Authorization Request
- *
- * @param request
- * @return
- * @throws EnforcementException
- */
- public Response checkAccess(Request request) throws EnforcementException;
-}
Modified: modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
===================================================================
--- modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-07-10 21:14:33 UTC (rev 13542)
+++ modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-07-11 18:00:13 UTC (rev 13543)
@@ -25,19 +25,5 @@
</bean>
<bean name="/policy-server/DroolsRuleManager" class="org.jboss.security.authz.policy.server.plugin.DroolsRuleManager">
- </bean>
-
- <!-- Local Policy Enforcement client -->
- <bean name="/enforcement/localEnforcementPoint" class="org.jboss.security.authz.policy.client.enforcement.LocalEnforcementPoint">
- <property name="policyServer">
- <inject bean="/policy-server/PolicyServer"/>
- </property>
- </bean>
-
- <!-- Local Policy Provisioning client -->
- <bean name="/provisioning/localProvisioner" class="org.jboss.security.authz.policy.client.provisioning.LocalPolicyProvisioner">
- <property name="policyServer">
- <inject bean="/policy-server/PolicyServer"/>
- </property>
- </bean>
+ </bean>
</deployment>
\ No newline at end of file
JBoss Portal SVN: r13542 - in modules/authorization/trunk: agent and 18 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-10 17:14:33 -0400 (Fri, 10 Jul 2009)
New Revision: 13542
Added:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementException.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementResponse.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/PolicyEnforcementPoint.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/LocalPolicyProvisioner.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/PolicyProvisioner.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/ProvisioningException.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/AnnotationProcessor.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/SecurityContextDataProcessor.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestEnforcementGenerator.java
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/SecurityContextData.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/MockPolicy.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/NoPermitMeansDeniedAlg.java
Modified:
modules/authorization/trunk/agent/pom.xml
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java
modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml
modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/action/Operation.java
modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/resource/URIResource.java
modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Identity.java
modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java
modules/authorization/trunk/http-profile/pom.xml
modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/component/resource/HttpResource.java
modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/configuration/HttpPolicyConfig.java
modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/integration/TestEnterprisePolicyFinderModule.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java
modules/authorization/trunk/pom.xml
Log:
refactoring clear separation between an application agent and the policy server
Modified: modules/authorization/trunk/agent/pom.xml
===================================================================
--- modules/authorization/trunk/agent/pom.xml 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/agent/pom.xml 2009-07-10 21:14:33 UTC (rev 13542)
@@ -23,6 +23,11 @@
<groupId>org.jboss.security.authz</groupId>
<artifactId>core-components-api</artifactId>
<version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>policy-server</artifactId>
+ <version>${project.version}</version>
</dependency>
<!-- jboss microcontainer -->
<dependency>
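Review bot: The added `policy-server` dependency has no `<scope>` or `<optional>` element, so it lands at compile scope and every consumer of the agent artifact transitively pulls in the whole policy server, which works against the agent/server separation the log message describes. Only the in-VM classes added in this revision (LocalEnforcementPoint, LocalPolicyProvisioner) appear to need it. If agents that talk to a remote policy server are planned, consider `<optional>true</optional>` here or moving the local implementations into their own module. The enclosing `<dependencies>` element starts and ends outside the hunk.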
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,59 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.enforcement;
+
+import java.io.Serializable;
+import java.util.Map;
+import java.util.HashMap;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class EnforcementContext implements Serializable
+{
+ private Map<String, Object> attributes;
+
+ public EnforcementContext()
+ {
+ this.attributes = new HashMap<String, Object>();
+ }
+
+ public Object getAttribute(String name)
+ {
+ return this.attributes.get(name);
+ }
+
+ public void setAttribute(String name, Object attribute)
+ {
+ this.attributes.put(name, attribute);
+ }
+
+ public void clear(String name)
+ {
+ this.attributes.remove(name);
+ }
+
+ public void clearAll()
+ {
+ this.attributes.clear();
+ }
+}
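Review bot: `EnforcementContext` is declared `Serializable` but keeps its values as plain `Object` in `Map<String, Object> attributes`, so serialization fails at runtime as soon as a non-serializable value is set, and on the receiving side the map accepts whatever object type the sender put in. If this context is meant to cross a process boundary (the PolicyEnforcementPoint Javadoc in this commit mentions routing requests over the network), constrain the value type with `private Map<String, Serializable> attributes;` and `setAttribute(String name, Serializable attribute)`, and declare `private static final long serialVersionUID = 1L;`. A class-level Javadoc naming the attribute keys the enforcement point expects is also missing.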
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementException.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementException.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementException.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,50 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.agent.enforcement;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class EnforcementException extends Exception
+{
+ public EnforcementException()
+ {
+ super();
+ }
+
+ public EnforcementException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+
+ public EnforcementException(String message)
+ {
+ super(message);
+ }
+
+ public EnforcementException(Throwable cause)
+ {
+ super(cause);
+ }
+}
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementResponse.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementResponse.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementResponse.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,96 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.enforcement;
+
+import java.io.Serializable;
+
+/**
+ * An Authorization Response
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class EnforcementResponse implements Serializable
+{
+ private boolean accessGranted;
+ private String message;
+
+ public EnforcementResponse()
+ {
+
+ }
+
+ public boolean isAccessGranted()
+ {
+ return accessGranted;
+ }
+
+ public void setAccessGranted(boolean accessGranted)
+ {
+ this.accessGranted = accessGranted;
+ }
+
+ public String getMessage()
+ {
+ return message;
+ }
+
+ public void setMessage(String message)
+ {
+ this.message = message;
+ }
+
+ public boolean isIndeterminate()
+ {
+ boolean isIndeterminate = false;
+
+ if(this.message.toLowerCase().contains("indeterminate"))
+ {
+ isIndeterminate = true;
+ }
+
+ return isIndeterminate;
+ }
+
+ public boolean isNotApplicable()
+ {
+ boolean isNotApplicable = false;
+
+ if(this.message.toLowerCase().contains("notapplicable"))
+ {
+ isNotApplicable = true;
+ }
+
+ return isNotApplicable;
+ }
+
+ public boolean isDenied()
+ {
+ boolean isDenied = false;
+
+ if(this.message.toLowerCase().contains("deny"))
+ {
+ isDenied = true;
+ }
+
+ return isDenied;
+ }
+}
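Review bot: `isIndeterminate()`, `isNotApplicable()` and `isDenied()` call `this.message.toLowerCase()` although the constructor never initialises `message`, so a response whose message was not set throws a NullPointerException instead of answering the question. The lower-casing also uses the default locale; under a Turkish locale `I` maps to a dotless `ı` and "INDETERMINATE" no longer matches. Deriving the decision from a substring of free text is fragile as well, since any message that merely mentions "deny" reads as denied; a dedicated decision field would be sturdier but changes the class shape. The minimal fix below makes the three checks null-safe and locale-independent.

```java
// … unchanged: fields, constructor, accessGranted and message accessors …
public boolean isIndeterminate()
{
    return this.messageContains("indeterminate");
}

public boolean isNotApplicable()
{
    return this.messageContains("notapplicable");
}

public boolean isDenied()
{
    return this.messageContains("deny");
}

// Null-safe, locale-independent substring match on the decision text
private boolean messageContains(String token)
{
    return this.message != null
        && this.message.toLowerCase(java.util.Locale.ENGLISH).contains(token);
}
```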
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,80 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.enforcement;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.policy.client.enforcement.Request;
+import org.jboss.security.authz.policy.client.enforcement.Response;
+import org.jboss.security.authz.policy.server.PolicyServer;
+import org.jboss.security.authz.policy.server.PolicyServerException;
+
+/**
+ * This Enforcement point integrates with the Policy Server inside the same VM. This provides the fastest enforcement option
+ *
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class LocalEnforcementPoint implements PolicyEnforcementPoint
+{
+ private static Logger log = Logger.getLogger(LocalEnforcementPoint.class);
+
+ private PolicyServer policyServer;
+
+ public LocalEnforcementPoint()
+ {
+
+ }
+
+ public void start()
+ {
+ }
+
+ public void stop()
+ {
+ }
+
+ public PolicyServer getPolicyServer()
+ {
+ return policyServer;
+ }
+
+ public void setPolicyServer(PolicyServer policyServer)
+ {
+ this.policyServer = policyServer;
+ }
+ //------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public EnforcementResponse checkAccess(EnforcementContext enforcementContext) throws EnforcementException
+ {
+ /*try
+ {
+
+ return this.policyServer.evaluate(request);
+ }
+ catch(PolicyServerException pe)
+ {
+ log.error(this, pe);
+ throw new EnforcementException(pe);
+ }*/
+ return null;
+ }
+}
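Review bot: `checkAccess` has its body commented out and ends with `return null;`, so the enforcement point gives no decision at all. A caller that dereferences the result gets a NullPointerException, and a caller that only tests for an explicit denial could treat the missing answer as permission. Until the new evaluation is wired in, fail closed with `throw new EnforcementException("checkAccess is not implemented");` or return an `EnforcementResponse` whose `accessGranted` is left false. The imports of `Request`, `Response` and `PolicyServerException` are only referenced inside the commented block and can be removed with it.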
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/PolicyEnforcementPoint.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/PolicyEnforcementPoint.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/PolicyEnforcementPoint.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,45 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.enforcement;
+
+import org.jboss.security.authz.policy.client.enforcement.Response;
+
+/**
+ * This component typically integrates natively with the application layer to receive Authorization Requests
+ * It then processes the native request and routes it to the Policy Decision Point component of the Policy Server to get a decision whether the
+ * Authorization should be granted or not or to do something else
+ *
+ * Sometimes, this component can just be a native stub that routes all requests over the network to the Policy Server, and sometimes this component can be co-located with the Policy Server
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public interface PolicyEnforcementPoint
+{
+ /**
+ * Checks if Access should be granted for this particular Authorization Request
+ *
+ * @param request
+ * @return
+ * @throws EnforcementException
+ */
+ public EnforcementResponse checkAccess(EnforcementContext enforcementContext) throws EnforcementException;
+}
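Review bot: The Javadoc on `checkAccess` still says `@param request` although the parameter is now `enforcementContext`, and `@return` is empty, so the contract does not say what a caller receives for an indeterminate or not-applicable decision or whether null is possible. Suggested text: `@param enforcementContext attributes describing the access being requested` and `@return the decision; never null, with accessGranted false unless access is explicitly permitted`. The `Response` import is unused in the new interface.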
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/LocalPolicyProvisioner.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/LocalPolicyProvisioner.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/LocalPolicyProvisioner.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,117 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.provisioning;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyMetaData;
+import org.jboss.security.authz.policy.server.PolicyServer;
+import org.jboss.security.authz.policy.server.PolicyServerException;
+
+/**
+ * This Policy Provisioner integrates with the Policy Server in the same VM. This provides fastest provisioning option
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class LocalPolicyProvisioner implements PolicyProvisioner
+{
+ private static Logger log = Logger.getLogger(LocalPolicyProvisioner.class);
+
+ private PolicyServer policyServer;
+
+ public LocalPolicyProvisioner()
+ {
+ }
+
+ public void start()
+ {
+
+ }
+
+ public void stop()
+ {
+
+ }
+
+ public PolicyServer getPolicyServer()
+ {
+ return policyServer;
+ }
+
+ public void setPolicyServer(PolicyServer policyServer)
+ {
+ this.policyServer = policyServer;
+ }
+ //--------PolicyProvisioner implementation-----------------------------------------------------------------------------------------------------------------------------------------------------------
+ public void newPolicy(PolicyMetaData policyMetaData) throws ProvisioningException
+ {
+ try
+ {
+ this.policyServer.newPolicy(policyMetaData);
+ }
+ catch(PolicyServerException pe)
+ {
+ log.error(this, pe);
+ throw new ProvisioningException(pe);
+ }
+ }
+
+ public Policy[] readAllPolicies() throws ProvisioningException
+ {
+ try
+ {
+ return this.policyServer.readAllPolicies();
+ }
+ catch(PolicyServerException pe)
+ {
+ log.error(this, pe);
+ throw new ProvisioningException(pe);
+ }
+ }
+
+ public Policy readPolicy(String policyUri) throws ProvisioningException
+ {
+ try
+ {
+ return this.policyServer.readPolicy(policyUri);
+ }
+ catch(PolicyServerException pe)
+ {
+ log.error(this, pe);
+ throw new ProvisioningException(pe);
+ }
+ }
+
+ public void deletePolicy(String policyUri) throws ProvisioningException
+ {
+ try
+ {
+ this.policyServer.deletePolicy(policyUri);
+ }
+ catch(PolicyServerException pe)
+ {
+ log.error(this, pe);
+ throw new ProvisioningException(pe);
+ }
+ }
+}
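Review bot: Each catch block calls `log.error(this, pe)`, which logs the provisioner's `toString()` as the message, so a failed policy change is recorded without the operation or the policy it concerned. Since `newPolicy` and `deletePolicy` alter what the policy server enforces, the log line should identify them, e.g. `log.error("deletePolicy failed for policyUri=" + policyUri, pe);`, and likewise in `newPolicy`, `readPolicy` and `readAllPolicies`. None of the methods checks that `policyServer` was injected, so missing wiring surfaces as a NullPointerException rather than a `ProvisioningException`.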
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/PolicyProvisioner.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/PolicyProvisioner.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/PolicyProvisioner.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,60 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.provisioning;
+
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyMetaData;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public interface PolicyProvisioner
+{
+ /**
+ * Generates a new Policy instance based on the supplied MetaData and stores it into the Policy Store
+ *
+ * @param policyMetaData meta data for the policy to be created
+ */
+ public void newPolicy(PolicyMetaData policyMetaData) throws ProvisioningException;
+
+ /**
+ * Read a stored Policy identified by the unique policyUri
+ *
+ * @param policyUri
+ * @return a stored Policy
+ */
+ public Policy readPolicy(String policyUri) throws ProvisioningException;
+
+ /**
+ * Returns all the stored Policies for the system
+ *
+ * @return all the stored Policies
+ */
+ public Policy[] readAllPolicies() throws ProvisioningException;
+
+ /**
+ * Deletes the specified Policy from storage
+ *
+ * @param policyUri unique identifier for the Policy
+ */
+ public void deletePolicy(String policyUri) throws ProvisioningException;
+}
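Review bot: The Javadoc on all four methods omits `@throws ProvisioningException`, and `readPolicy` leaves `@param policyUri` blank and does not say what is returned when no policy matches the URI. Callers of an authorization store need to know whether a missing policy yields `null` or an exception, so I would add `@param policyUri unique identifier for the Policy` and a `@return` sentence stating the not-found result once that is decided. The interface also does not say who may call `newPolicy` and `deletePolicy`; if access control is expected from the caller, a one-line class comment saying so would help.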
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/ProvisioningException.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/ProvisioningException.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/provisioning/ProvisioningException.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,50 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.agent.provisioning;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class ProvisioningException extends Exception
+{
+ public ProvisioningException()
+ {
+ super();
+ }
+
+ public ProvisioningException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+
+ public ProvisioningException(String message)
+ {
+ super(message);
+ }
+
+ public ProvisioningException(Throwable cause)
+ {
+ super(cause);
+ }
+}
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/AnnotationProcessor.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/AnnotationProcessor.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/AnnotationProcessor.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,134 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.services;
+
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import java.util.List;
+import java.util.ArrayList;
+
+import org.jboss.security.authz.component.Component;
+import org.jboss.security.authz.component.ComponentCategory;
+import org.jboss.security.authz.component.SecurityContextData;
+import org.jboss.security.authz.component.LogicExpression;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+class AnnotationProcessor
+{
+ static Object[] extractSecurityContextData(Object component) throws Exception
+ {
+ Object[] securityContextData = null;
+
+ List<Object> cour = new ArrayList<Object>();
+ Class targetClass = component.getClass();
+ do
+ {
+ Object[] local = extractSecurityContextData(component, targetClass);
+ if(local != null && local.length>0)
+ {
+ for(Object data: local)
+ {
+ cour.add(data);
+ }
+ }
+ targetClass = targetClass.getSuperclass();
+ }while(targetClass != null);
+
+ if(!cour.isEmpty())
+ {
+ securityContextData = cour.toArray();
+ }
+
+ return securityContextData;
+ }
+
+ static ComponentCategory findComponentCategory(Class targetClass)
+ {
+ Annotation component = targetClass.getAnnotation(Component.class);
+ if(component != null)
+ {
+ return ((Component)component).category();
+ }
+
+ return null;
+ }
+
+ static Method findExpression(Class targetClass, String expressionName)
+ {
+ Method[] declaredMethods = targetClass.getDeclaredMethods();
+ if(declaredMethods != null)
+ {
+ for(Method declaredMethod: declaredMethods)
+ {
+ Annotation logicExpression = declaredMethod.getAnnotation(LogicExpression.class);
+ if(logicExpression != null)
+ {
+ if(declaredMethod.getName().equals(expressionName))
+ {
+ return declaredMethod;
+ }
+ }
+ }
+ }
+
+ if(targetClass.getSuperclass() != null)
+ {
+ return findExpression(targetClass.getSuperclass(), expressionName);
+ }
+
+ return null;
+ }
+ //---------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ private static Object[] extractSecurityContextData(Object component, Class targetClass) throws Exception
+ {
+ Object[] securityContextData = null;
+
+ List<Object> cour = new ArrayList<Object>();
+ Field[] declaredFields = targetClass.getDeclaredFields();
+ if(declaredFields != null)
+ {
+ for(Field declaredField: declaredFields)
+ {
+ Annotation local = declaredField.getAnnotation(SecurityContextData.class);
+ if(local != null)
+ {
+ declaredField.setAccessible(true);
+ Object data = declaredField.get(component);
+ if(data != null)
+ {
+ cour.add(data);
+ }
+ }
+ }
+ }
+
+ if(!cour.isEmpty())
+ {
+ return cour.toArray();
+ }
+
+ return securityContextData;
+ }
+}
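Review bot: Both `extractSecurityContextData` overloads return `null` when no `@SecurityContextData` field holds a value, and the callers on this page (`EnforcementStateGenerator.generate` and `TargetComposition.generateAttributeExpression`) iterate over the result without a null check. A component with no annotated field, or with every annotated field unset, therefore fails with a NullPointerException instead of a clear error. Returning an empty array is simpler: drop the `securityContextData` local and end both methods with `return cour.toArray();`. `findComponentCategory` and `findExpression` also return `null` on a miss, which deserves a Javadoc line on each.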
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,214 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.services;
+
+import java.lang.reflect.Array;
+import java.util.Collection;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.log4j.Logger;
+
+
+import org.jboss.security.authz.component.ComponentCategory;
+import org.jboss.security.authz.model.AbstractContextObject;
+import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.model.Subject;
+import org.jboss.security.authz.model.Action;
+import org.jboss.security.authz.model.Attribute;
+import org.jboss.security.authz.components.subject.Identity;
+import org.jboss.security.authz.components.subject.Roles;
+
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+class EnforcementStateGenerator
+{
+ private static Logger log = Logger.getLogger(EnforcementStateGenerator.class);
+
+ AbstractContextObject[] generate(Object component)
+ {
+ try
+ {
+ AbstractContextObject[] enforcementState = null;
+
+ List<AbstractContextObject> cour = new ArrayList<AbstractContextObject>();
+
+ ComponentCategory componentCategory = AnnotationProcessor.findComponentCategory(component.getClass());
+
+ //Extract SecurityContextData for the component
+ Object[] securityContextData = AnnotationProcessor.extractSecurityContextData(component);
+
+ for(Object input: securityContextData)
+ {
+ if(Collection.class.isAssignableFrom(input.getClass()) || input.getClass().isArray())
+ {
+ if(input.getClass().isArray())
+ {
+ List<Object> local = new ArrayList<Object>();
+ int arrayLength = Array.getLength(input);
+ for(int i=0; i<arrayLength; i++)
+ {
+ local.add(Array.get(input, i));
+ }
+ input = SecurityContextDataProcessor.processEnforcementState(local);
+ }
+ else
+ {
+ input = SecurityContextDataProcessor.processEnforcementState((Collection)input);
+ }
+ }
+ else if(Map.class.isAssignableFrom(input.getClass()))
+ {
+ input = SecurityContextDataProcessor.processEnforcementState((Map)input);
+ }
+ else
+ {
+ input = input.toString();
+ }
+
+ //Create the appropriate Context Object
+ if(componentCategory.getAttributeCategory().equals(XACMLConstants.ATTRIBUTEID_RESOURCE_ID))
+ {
+ if(input instanceof String)
+ {
+ cour.add(this.generateURIBasedResource((String)input));
+ }
+ else if(input instanceof Map)
+ {
+ cour.add(this.generateCustomResource((Map<String, String>)input));
+ }
+ }
+ else if(componentCategory.getAttributeCategory().equals(XACMLConstants.ATTRIBUTEID_ACTION_ID))
+ {
+ cour.add(generateAction((String)input));
+ }
+ else if(componentCategory.getAttributeCategory().equals(XACMLConstants.ATTRIBUTEID_SUBJECT_ID))
+ {
+ //Note: Identity and Roles components are exposed to this component since these are part of the core set components shipped
+ //with the Framework
+ if(component instanceof Identity)
+ {
+ cour.add(generateIdentity(input.toString()));
+ }
+ else if(component instanceof Roles)
+ {
+ cour.add(this.generateRoles((Set<String>)input));
+ }
+ }
+ }
+
+ enforcementState = cour.toArray(new AbstractContextObject[0]);
+
+ return enforcementState;
+ }
+ catch(Exception e)
+ {
+ log.error(this, e);
+
+ //TODO: implement proper exception handling
+ throw new RuntimeException(e);
+ }
+ }
+ //------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ private Resource generateURIBasedResource(String uri)
+ {
+ Resource uriResource = new Resource();
+
+ Attribute attribute = new Attribute();
+ attribute.setUri(XACMLConstants.ATTRIBUTEID_RESOURCE_ID);
+ attribute.setDatatType(XMLSchemaConstants.DATATYPE_STRING);
+ attribute.setValue(uri);
+ uriResource.addAttribute(attribute);
+
+ return uriResource;
+ }
+
+ private Resource generateCustomResource(Map<String, String> parameters)
+ {
+ Resource custom = new Resource();
+
+ Set<String> names = parameters.keySet();
+ for(String name: names)
+ {
+ String value = parameters.get(name);
+
+ Attribute customAttribute = new Attribute();
+ customAttribute.setUri(name);
+ customAttribute.setDatatType(XMLSchemaConstants.DATATYPE_STRING);
+ customAttribute.setValue(value);
+ custom.addAttribute(customAttribute);
+ }
+
+ return custom;
+ }
+
+ private Action generateAction(String actionName)
+ {
+ Action action = new Action();
+
+ Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID,
+ XMLSchemaConstants.DATATYPE_STRING,
+ actionName
+ );
+ action.addAttribute(attribute);
+
+ return action;
+ }
+
+ private Subject generateIdentity(String subjectName)
+ {
+ Subject subject = new Subject();
+
+ subject.setCategory(XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT);
+
+ Attribute attribute = new Attribute(
+ XACMLConstants.ATTRIBUTEID_SUBJECT_ID,
+ XMLSchemaConstants.DATATYPE_STRING, subjectName);
+ subject.addAttribute(attribute);
+
+ return subject;
+ }
+
+ private Subject generateRoles(Set<String> roleNames)
+ {
+ Subject subject = new Subject();
+
+ subject.setCategory(XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT);
+
+ for(String name: roleNames)
+ {
+ Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_ROLE,
+ XMLSchemaConstants.DATATYPE_STRING,
+ name
+ );
+ subject.addAttribute(attribute);
+ }
+
+ return subject;
+ }
+}
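Review bot: In `generate`, security context data that fits none of the branches is dropped without any error. For the resource category, a `Set` produced from a collection or array is neither `String` nor `Map`; for the subject category, any component other than `Identity` or `Roles` adds nothing. The returned enforcement state is then missing attributes, and the authorization decision is presumably evaluated on an incomplete request. I would close each chain with `else { throw new IllegalStateException("Unsupported security context data on " + component.getClass().getName()); }`. `componentCategory` is also dereferenced without a check, although `AnnotationProcessor.findComponentCategory` returns `null` for a class without `@Component`.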
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -22,13 +22,11 @@
package org.jboss.security.authz.agent.services;
import java.lang.reflect.Method;
-import java.lang.annotation.Annotation;
import java.util.Set;
import java.util.HashSet;
import org.apache.log4j.Logger;
-import org.jboss.security.authz.component.LogicExpression;
import org.jboss.security.authz.model.Rule;
import org.jboss.security.authz.model.Expression;
import org.jboss.security.authz.model.Effect;
@@ -182,7 +180,7 @@
DroolsRuleExpression expression = new DroolsRuleExpression();
//Read the LogicExpression of the Logic Component
- Method expressionMethod = this.findExpression(this.logicComponent.getClass(), this.expressionName);
+ Method expressionMethod = AnnotationProcessor.findExpression(this.logicComponent.getClass(), this.expressionName);
expressionMethod.setAccessible(true);
String[] expressionMetaData = (String[])expressionMethod.invoke(this.logicComponent, null);
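Review bot: `AnnotationProcessor.findExpression` returns `null` when no `@LogicExpression` method named `expressionName` exists in the class hierarchy, and the result is dereferenced on the next line by `setAccessible(true)`. A misspelled expression name then surfaces as a bare NullPointerException during rule composition. A guard such as `if (expressionMethod == null) throw new IllegalStateException("No @LogicExpression method named " + this.expressionName);` makes the failure explicit. The enclosing method starts outside this hunk and continues in the next one.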
@@ -191,31 +189,5 @@
expression.setRule(expressionMetaData[1]);
return expression;
- }
-
- private Method findExpression(Class targetClass, String expressionName)
- {
- Method[] declaredMethods = targetClass.getDeclaredMethods();
- if(declaredMethods != null)
- {
- for(Method declaredMethod: declaredMethods)
- {
- Annotation logicExpression = declaredMethod.getAnnotation(LogicExpression.class);
- if(logicExpression != null)
- {
- if(declaredMethod.getName().equals(expressionName))
- {
- return declaredMethod;
- }
- }
- }
- }
-
- if(targetClass.getSuperclass() != null)
- {
- return this.findExpression(targetClass.getSuperclass(), expressionName);
- }
-
- return null;
- }
+ }
}
Added: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/SecurityContextDataProcessor.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/SecurityContextDataProcessor.java (rev 0)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/SecurityContextDataProcessor.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,65 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.services;
+
+import java.util.Collection;
+import java.util.Set;
+import java.util.Map;
+import java.util.HashSet;
+import java.util.HashMap;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+class SecurityContextDataProcessor
+{
+ static Set<String> processEnforcementState(Collection input)
+ {
+ Set<String> enforcementState = new HashSet<String>();
+
+ if(input != null)
+ {
+ for(Object local: input)
+ {
+ enforcementState.add(local.toString());
+ }
+ }
+
+ return enforcementState;
+ }
+
+ static Map<String, String> processEnforcementState(Map input)
+ {
+ Map<String, String> enforcementState = new HashMap<String, String>();
+
+ if(input != null)
+ {
+ Set<Object> keys = input.keySet();
+ for(Object key: keys)
+ {
+ enforcementState.put(key.toString(), input.get(key).toString());
+ }
+ }
+
+ return enforcementState;
+ }
+}
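Review bot: Both `processEnforcementState` overloads call `toString()` on every element, key and value, so a single `null` entry inside an annotated collection or map throws a NullPointerException. `AnnotationProcessor` filters out null fields but not null entries inside them. Reject them with a message that names the problem, e.g. `if (local == null) throw new IllegalArgumentException("null entry in security context data");`, rather than skipping silently, since a skipped entry changes the policy or request being built. The raw `Collection` and `Map` parameters could be `Collection<?>` and `Map<?, ?>`, which removes the unchecked `Set<Object> keys` assignment.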
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -22,7 +22,11 @@
package org.jboss.security.authz.agent.services;
import java.lang.annotation.Annotation;
-import java.lang.reflect.Field;
+import java.lang.reflect.Array;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
import java.util.Set;
import java.util.HashSet;
@@ -31,7 +35,6 @@
import org.jboss.security.authz.component.Component;
import org.jboss.security.authz.component.ComponentCategory;
import org.jboss.security.authz.component.ImpliedActions;
-import org.jboss.security.authz.component.TargetUri;
import org.jboss.security.authz.model.Target;
import org.jboss.security.authz.model.Attribute;
import org.jboss.security.authz.model.AttributeExpression;
@@ -124,52 +127,22 @@
private Target generateTarget() throws Exception
{
Target target = new Target();
+
+ //use the proper category for the data
+ ComponentCategory category = this.findComponentCategory(this.targetComponent.getClass());
+ String attributeCategory = category.getAttributeCategory();
- //Read the TargetUri
- Field targetField = this.findTargetField(this.targetComponent.getClass());
- targetField.setAccessible(true);
- Object targetUriObj = targetField.get(this.targetComponent);
+ //Read the SecurityContext State of the Component being provisioned
+ Object[] securityContextData = AnnotationProcessor.extractSecurityContextData(this.targetComponent);
- //Get a String representation of this URI
- String uriStr = targetUriObj.toString();
+ //Get the Attribute expression based on the Security Context State
+ List<AttributeExpression> urlExpressions = this.generateAttributeExpression(securityContextData, attributeCategory);
- //use the proper category for the data
- ComponentCategory category = this.findComponentCategory(this.targetComponent.getClass());
- String attributeCategory = category.getAttributeCategory();
-
- AttributeExpression urlExpression = new AttributeExpression();
- if (uriStr.charAt(0) == '/' && uriStr.endsWith("/*"))
+ //Depending up the data category add the appropriate match expression
+ for(AttributeExpression urlExpression: urlExpressions)
{
- // If URL starts with '/' and ends with "/*", use a regular
- // expression to match it (In consistency with the servlet spec)
- urlExpression
- .setFunctionId(XACMLConstants.FUNCTION_REGEXP_STRING_MATCH);
-
- String uriexp = uriStr.substring(1, uriStr.length() - 2);
- StringBuilder buffer = new StringBuilder();
- buffer.append("^/" + uriexp + "$|");
- buffer.append("^" + uriexp + "$|");
- buffer.append("^/" + uriexp + "/.*|");
- buffer.append("^" + uriexp + "/.*");
-
- Attribute attribute = new Attribute(
- attributeCategory,
- XMLSchemaConstants.DATATYPE_STRING, buffer.toString());
- urlExpression.setAttribute(attribute);
- }
- else
- {
- // use an exact match
- urlExpression.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
-
- Attribute attribute = new Attribute(
- attributeCategory,
- XMLSchemaConstants.DATATYPE_STRING, uriStr);
- urlExpression.setAttribute(attribute);
+ category.setExpression(target, urlExpression);
}
-
- //Depending up the data category add the appropriate match expression
- category.setExpression(target, urlExpression);
return target;
}
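Review bot: `generateTarget` now returns a `Target` with no match expression when `urlExpressions` is empty, for example when the only annotated field is an empty collection. In XACML an empty target applies to every request, so if this model is serialized that way the resulting policy would be broader than the component author intended. I would fail fast right after the call: `if (urlExpressions.isEmpty()) throw new IllegalStateException("No security context data on " + this.targetComponent.getClass().getName());`.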
@@ -195,28 +168,91 @@
return null;
}
-
- private Field findTargetField(Class targetClass)
- {
- Field[] declaredFields = targetClass.getDeclaredFields();
- if(declaredFields != null)
- {
- for(Field declaredField: declaredFields)
+
+ private List<AttributeExpression> generateAttributeExpression(Object[] securityContextState, String attributeCategory)
+ {
+ List<AttributeExpression> expressions = new ArrayList<AttributeExpression>();
+
+ for(Object input: securityContextState)
+ {
+ if(Collection.class.isAssignableFrom(input.getClass()) || input.getClass().isArray())
{
- Annotation targetUri = declaredField.getAnnotation(TargetUri.class);
- if(targetUri != null)
+ Set<String> uris = null;
+ if(input.getClass().isArray())
{
- return declaredField;
+ List<Object> local = new ArrayList<Object>();
+ int arrayLength = Array.getLength(input);
+ for(int i=0; i<arrayLength; i++)
+ {
+ local.add(Array.get(input, i));
+ }
+ uris = SecurityContextDataProcessor.processEnforcementState(local);
}
+ else
+ {
+ uris = SecurityContextDataProcessor.processEnforcementState((Collection)input);
+ }
+
+ for(String uri: uris)
+ {
+ AttributeExpression expression = new AttributeExpression();
+ this.setAttribute(expression, attributeCategory, uri);
+ expressions.add(expression);
+ }
}
+ else if(Map.class.isAssignableFrom(input.getClass()))
+ {
+ Map<String, String> mappedUris = SecurityContextDataProcessor.processEnforcementState((Map)input);
+ Set<String> customCategories = mappedUris.keySet();
+ for(String customCategory: customCategories)
+ {
+ AttributeExpression expression = new AttributeExpression();
+ this.setAttribute(expression, customCategory, mappedUris.get(customCategory));
+ expressions.add(expression);
+ }
+ }
+ else
+ {
+ AttributeExpression expression = new AttributeExpression();
+ this.setAttribute(expression, attributeCategory, input.toString());
+ expressions.add(expression);
+ }
}
- //If I get here, query the super class
- if(targetClass.getSuperclass() != null)
+ return expressions;
+ }
+
+ private void setAttribute(AttributeExpression urlExpression, String attributeCategory, String uriStr)
+ {
+ Attribute attribute = null;
+
+ if (uriStr.charAt(0) == '/' && uriStr.endsWith("/*"))
{
- return this.findTargetField(targetClass.getSuperclass());
+ // If URL starts with '/' and ends with "/*", use a regular
+ // expression to match it (In consistency with the servlet spec)
+ urlExpression.setFunctionId(XACMLConstants.FUNCTION_REGEXP_STRING_MATCH);
+
+ String uriexp = uriStr.substring(1, uriStr.length() - 2);
+ StringBuilder buffer = new StringBuilder();
+ buffer.append("^/" + uriexp + "$|");
+ buffer.append("^" + uriexp + "$|");
+ buffer.append("^/" + uriexp + "/.*|");
+ buffer.append("^" + uriexp + "/.*");
+
+ attribute = new Attribute(
+ attributeCategory,
+ XMLSchemaConstants.DATATYPE_STRING, buffer.toString());
+ }
+ else
+ {
+ // use an exact match
+ urlExpression.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
+
+ attribute = new Attribute(
+ attributeCategory,
+ XMLSchemaConstants.DATATYPE_STRING, uriStr);
}
- return null;
+ urlExpression.setAttribute(attribute);
}
}
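Review bot: In `setAttribute`, `uriexp` is concatenated into the regular expression unescaped, so characters such as `.` or `+` in a URI are interpreted as regex operators and the generated target can match more paths than the one configured. This code is now reached for every element of a collection, array or map, not only for a single target URI. Escape regex metacharacters in `uriexp` before building `buffer`; backslash-escaping each one is the safest form, since the XACML regex dialect may not accept `\Q…\E`. `uriStr.charAt(0)` also throws on an empty string, which `uriStr.startsWith("/")` avoids. In the `Map` branch of `generateAttributeExpression` the map key replaces `attributeCategory`, and that deserves a comment.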
Modified: modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml
===================================================================
--- modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml 2009-07-10 21:14:33 UTC (rev 13542)
@@ -4,5 +4,8 @@
xsi:schemaLocation="urn:jboss:bean-deployer:2.0 bean-deployer_2_0.xsd"
xmlns="urn:jboss:bean-deployer:2.0">
<bean name="/agent/PolicyComposer" class="org.jboss.security.authz.agent.services.PolicyComposer">
+ </bean>
+
+ <bean name="/agent/PolicyEnforcementPoint" class="org.jboss.security.authz.agent.services.PolicyEnforcementPoint">
</bean>
</deployment>
\ No newline at end of file
Added: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestEnforcementGenerator.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestEnforcementGenerator.java (rev 0)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestEnforcementGenerator.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,133 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.services;
+
+import java.net.URI;
+
+import junit.framework.TestCase;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.model.Action;
+import org.jboss.security.authz.model.Subject;
+import org.jboss.security.authz.model.Attribute;
+import org.jboss.security.authz.model.AbstractContextObject;
+
+import org.jboss.security.authz.components.subject.Identity;
+import org.jboss.security.authz.components.subject.Roles;
+import org.jboss.security.authz.components.action.Manage;
+import org.jboss.security.authz.components.resource.URIResource;
+
+import org.jboss.security.authz.agent.Agent;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class TestEnforcementGenerator extends TestCase
+{
+ private static Logger log = Logger.getLogger(TestEnforcementGenerator.class);
+
+ private EnforcementStateGenerator stateGenerator;
+
+ protected void setUp() throws Exception
+ {
+ Agent.bootstrap();
+ this.stateGenerator = new EnforcementStateGenerator();
+ }
+ //---------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public void testGenerateURIResource() throws Exception
+ {
+ //Setup the state of Components to be used for Enforcement State
+ URIResource uriResource = new URIResource();
+ uriResource.setUri(new URI("/portal/admin-tool/modifyLayout"));
+
+ AbstractContextObject[] contextState = this.stateGenerator.generate(uriResource);
+ Resource enforcementState = (Resource)contextState[0];
+
+ this.assertResource(enforcementState);
+ }
+
+ public void testGenerateAction() throws Exception
+ {
+ AbstractContextObject[] contextState = this.stateGenerator.generate(new Manage());
+ Action enforcementState = (Action)contextState[0];
+
+ this.assertAction(enforcementState);
+ }
+
+ public void testGenerateIdentity() throws Exception
+ {
+ Identity identity = new Identity();
+ identity.setName("blah(a)blah.com");
+
+ AbstractContextObject[] contextState = this.stateGenerator.generate(identity);
+ Subject enforcementState = (Subject)contextState[0];
+
+ this.assertSubject(enforcementState);
+ }
+
+ public void testGenerateRoles() throws Exception
+ {
+ Roles roles = new Roles();
+ roles.addName("admin");
+ roles.addName("user");
+
+ AbstractContextObject[] contextState = this.stateGenerator.generate(roles);
+ Subject enforcementState = (Subject)contextState[0];
+
+ this.assertSubject(enforcementState);
+ }
+ //--------------------------------------------------------------------------------------------------------------------------------------------------------------
+ private void assertResource(Resource resource)
+ {
+ log.info("---------------------------------------------------------------");
+ for(Attribute attribute: resource.getAttributes())
+ {
+ log.info("Name="+attribute.getUri());
+ log.info("Value="+attribute.getValue());
+ log.info("---------------------------------------------------------------");
+ }
+ }
+
+ private void assertAction(Action action)
+ {
+ log.info("---------------------------------------------------------------");
+ for(Attribute attribute: action.getAttributes())
+ {
+ log.info("Name="+attribute.getUri());
+ log.info("Value="+attribute.getValue());
+ log.info("---------------------------------------------------------------");
+ }
+ }
+
+ private void assertSubject(Subject subject)
+ {
+ log.info("---------------------------------------------------------------");
+ for(Attribute attribute: subject.getAttributes())
+ {
+ log.info("Name="+attribute.getUri());
+ log.info("Value="+attribute.getValue());
+ log.info("---------------------------------------------------------------");
+ }
+ }
+}
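Review bot: `assertResource`, `assertAction` and `assertSubject` only log the attributes, so all four tests pass whatever `generate` returns as long as element 0 has the expected type. For code that builds authorization requests the tests should pin the output, for instance `assertEquals(1, contextState.length);` and, inside the loop of `assertResource`, a comparison of `attribute.getValue()` with the URI set in the test (presumably `"/portal/admin-tool/modifyLayout"`; confirm how `URIResource` stores it). `testGenerateRoles` should likewise check that both `admin` and `user` appear as role attribute values.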
Added: modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/SecurityContextData.java
===================================================================
--- modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/SecurityContextData.java (rev 0)
+++ modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/SecurityContextData.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,37 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.component;
+
+import java.lang.annotation.Target;
+import java.lang.annotation.Retention;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.RetentionPolicy;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+(a)Target(ElementType.FIELD)
+(a)Retention(RetentionPolicy.RUNTIME)
+public @interface SecurityContextData
+{
+
+}
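Review bot: The Javadoc on the new annotation carries only an `@author` tag, so nothing states what marking a field with `@SecurityContextData` means. Elsewhere in this commit it replaces both `@TargetUri` and `@LogicData` (on `Identity.name` the two collapse into one), so the distinction those names carried is no longer visible at the declaration. With RUNTIME retention and a FIELD target, the annotation is presumably read reflectively when the enforcement state is generated. If so, a summary line such as `Marks a component field whose value is exported as an attribute of the security context` would tell a contributor that annotating a field exposes its value to policy evaluation.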
Modified: modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/action/Operation.java
===================================================================
--- modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/action/Operation.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/action/Operation.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -21,7 +21,7 @@
*/
package org.jboss.security.authz.components.action;
-import org.jboss.security.authz.component.TargetUri;
+import org.jboss.security.authz.component.SecurityContextData;
/**
* Represents any Operation that can be performed on a Resource
@@ -30,7 +30,7 @@
*/
public abstract class Operation
{
- @TargetUri
+ @SecurityContextData
protected String name;
public Operation()
Modified: modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/resource/URIResource.java
===================================================================
--- modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/resource/URIResource.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/resource/URIResource.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -28,7 +28,7 @@
import org.jboss.security.authz.component.Component;
import org.jboss.security.authz.component.ComponentType;
import org.jboss.security.authz.component.ComponentCategory;
-import org.jboss.security.authz.component.TargetUri;
+import org.jboss.security.authz.component.SecurityContextData;
/**
* Represents any System Resource uniquely identified by a URI
@@ -47,7 +47,7 @@
/**
* The unique URI that identifies this resource
*/
- @TargetUri
+ @SecurityContextData
protected URI uri;
Modified: modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Identity.java
===================================================================
--- modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Identity.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Identity.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -25,8 +25,7 @@
import org.jboss.security.authz.component.Component;
import org.jboss.security.authz.component.ComponentType;
import org.jboss.security.authz.component.ComponentCategory;
-import org.jboss.security.authz.component.TargetUri;
-import org.jboss.security.authz.component.LogicData;
+import org.jboss.security.authz.component.SecurityContextData;
/**
* The Identity Policy Component represents the "Identity/User" that is Authenticated by the System
@@ -47,8 +46,7 @@
/**
* Unique id/name of the Identity
*/
- @TargetUri
- @LogicData
+ @SecurityContextData
private String name;
Modified: modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java
===================================================================
--- modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -31,7 +31,7 @@
import org.jboss.security.authz.component.Component;
import org.jboss.security.authz.component.ComponentType;
import org.jboss.security.authz.component.ComponentCategory;
-import org.jboss.security.authz.component.LogicData;
+import org.jboss.security.authz.component.SecurityContextData;
import org.jboss.security.authz.component.LogicExpression;
/**
@@ -84,7 +84,7 @@
/**
* Role Names
*/
- @LogicData
+ @SecurityContextData
private Set<String> names;
public Roles()
@@ -114,6 +114,11 @@
}
this.getNames().add(name);
}
+
+ public boolean isEmpty()
+ {
+ return this.getNames().isEmpty();
+ }
//------------------------------------------------------------------------------------------------------------------------------------------------------------
/**
* Creates a Policy Rule suggesting the roles indicated by this object are permitted access to the 'Resource' designated in the Policy
Modified: modules/authorization/trunk/http-profile/pom.xml
===================================================================
--- modules/authorization/trunk/http-profile/pom.xml 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/http-profile/pom.xml 2009-07-10 21:14:33 UTC (rev 13542)
@@ -23,6 +23,11 @@
<groupId>org.jboss.security.authz</groupId>
<artifactId>core-components-api</artifactId>
<version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>agent</artifactId>
+ <version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.jboss.security.authz</groupId>
Modified: modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/component/resource/HttpResource.java
===================================================================
--- modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/component/resource/HttpResource.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/component/resource/HttpResource.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -28,7 +28,7 @@
import org.jboss.security.authz.component.Component;
import org.jboss.security.authz.component.ComponentCategory;
import org.jboss.security.authz.component.ComponentType;
-import org.jboss.security.authz.component.TargetUri;
+import org.jboss.security.authz.component.SecurityContextData;
import org.jboss.security.authz.components.resource.URIResource;
/**
@@ -45,12 +45,12 @@
type=ComponentType.TARGET,
category=ComponentCategory.RESOURCE
)
-public class HttpResource extends URIResource implements Cloneable
+public class HttpResource extends URIResource
{
/**
* The HTTP Parameters that are used to access this resource
*/
- @TargetUri
+ @SecurityContextData
private Map<String, String> parameters;
/**
@@ -79,47 +79,5 @@
public void addParameter(String name, String value)
{
this.getParameters().put(name, value);
- }
-
- /*public PolicyMetaData getPolicyMetaData()
- {
- PolicyMetaData metadata = super.getPolicyMetaData();
-
- if(!this.getParameters().isEmpty())
- {
- Set<String> names = this.parameters.keySet();
- for(String name: names)
- {
- String value = this.parameters.get(name);
-
- AttributeExpression paramExpression = ExpressionBuilder.getInstance().createCustomResourceExpression(name, value);
- paramExpression.setDesignatorMustBePresent(false);
- metadata.getTarget().addResourceMatch(paramExpression);
- }
- }
-
- return metadata;
- }*/
-
- /*public Resource getResource()
- {
- Resource urlResource = super.getResource();
-
- if(!this.getParameters().isEmpty())
- {
- Set<String> names = this.parameters.keySet();
- for(String name: names)
- {
- String value = this.parameters.get(name);
-
- Attribute customAttribute = new Attribute();
- customAttribute.setUri(name);
- customAttribute.setDatatType(XMLSchemaConstants.DATATYPE_STRING);
- customAttribute.setValue(value);
- urlResource.addAttribute(customAttribute);
- }
- }
-
- return urlResource;
- }*/
+ }
}
Modified: modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/configuration/HttpPolicyConfig.java
===================================================================
--- modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/configuration/HttpPolicyConfig.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/configuration/HttpPolicyConfig.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -38,11 +38,14 @@
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
+import org.jboss.security.authz.model.Effect;
import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyMetaData;
import org.jboss.security.authz.tools.GeneralTool;
import org.jboss.security.authz.policy.server.plugin.XACMLPolicy;
import org.jboss.security.authz.policy.server.spi.PolicyConfig;
+import org.jboss.security.authz.http.component.resource.HttpResource;
import org.jboss.security.authz.http.component.action.Delete;
import org.jboss.security.authz.http.component.action.Get;
import org.jboss.security.authz.http.component.action.Head;
@@ -50,7 +53,10 @@
import org.jboss.security.authz.http.component.action.Post;
import org.jboss.security.authz.http.component.action.Put;
import org.jboss.security.authz.http.component.action.Trace;
-import org.jboss.security.authz.http.component.resource.HttpResource;
+import org.jboss.security.authz.components.action.Operation;
+import org.jboss.security.authz.components.subject.Roles;
+import org.jboss.security.authz.agent.services.CompositionContext;
+import org.jboss.security.authz.agent.services.PolicyComposer;
/**
@@ -61,6 +67,19 @@
{
private static Logger log = Logger.getLogger(HttpPolicyConfig.class);
+ private PolicyComposer policyComposer;
+
+
+ public PolicyComposer getPolicyComposer()
+ {
+ return policyComposer;
+ }
+
+ public void setPolicyComposer(PolicyComposer policyComposer)
+ {
+ this.policyComposer = policyComposer;
+ }
+
/**
* Configures the Policy instances that can be represented in system level XACML format. The easyDomainXml is a user friendly XML configuration that is within the context
* of the application tier being protected. For instance, to apply Access Control at the web tier, the XML configuration would consist of Resources and
@@ -83,21 +102,87 @@
NodeList securityConstraints = document.getElementsByTagName("security-constraint");
for(int i=0, length=securityConstraints.getLength(); i< length; i++)
- {
+ {
Element securityConstraint = (Element)securityConstraints.item(i);
- Element webResourceCollection = (Element)securityConstraint.getElementsByTagName("web-resource-collection").item(0);
- List<HttpResource> webResources = this.parseWebResources(webResourceCollection);
-
- if(webResources != null)
- {
- for(HttpResource policyResource: webResources)
- {
- //Parse role constraints
- this.parseRoles(policyResource, securityConstraint.getElementsByTagName("roles"));
-
- cour.add(new XACMLPolicy(GeneralTool.generateUniqueId(), policyResource.getPolicyMetaData()));
- }
- }
+
+ //Parse out information related to access control based on user roles
+ NodeList roleNodes = securityConstraint.getElementsByTagName("roles");
+ Roles allowRoles = new Roles();
+ Roles denyRoles = new Roles();
+ if(roleNodes != null)
+ {
+ for(int j=0; j<roleNodes.getLength(); j++)
+ {
+ boolean allow = true;
+ Element roles = (Element)roleNodes.item(j);
+
+ allow = Boolean.parseBoolean(roles.getAttribute("allow").trim());
+
+ NodeList roleNames = roles.getElementsByTagName("role-name");
+ if(roleNames != null)
+ {
+ for(int k=0; k<roleNames.getLength(); k++)
+ {
+ Element roleName = (Element)roleNames.item(k);
+ String role = roleName.getTextContent().trim();
+
+ if(allow)
+ {
+ allowRoles.addName(role);
+ }
+ else
+ {
+ denyRoles.addName(role);
+ }
+ }
+ }
+ }
+ }
+
+ //Parse out the resources and actions upon which the Policies must be created
+ Element webResourceCollection = (Element)securityConstraint.getElementsByTagName("web-resource-collection").item(0);
+ NodeList resources = webResourceCollection.getElementsByTagName("web-resource");
+ if (resources != null)
+ {
+ for (int j = 0; j < resources.getLength(); j++)
+ {
+ //SetUp the Http Resource
+ HttpResource policyResource = new HttpResource();
+ Element webResource = (Element) resources.item(j);
+ Element urlPattern = (Element) webResource
+ .getElementsByTagName("url-pattern").item(0);
+
+ policyResource.setUri(new URI(urlPattern
+ .getTextContent().trim()));
+ this.parseParameters(policyResource, webResource);
+
+ //Setup the Action Targets to be secured on this resource
+ List<Operation> secureActions = this.parseSecureWebActions(webResource);
+
+ if(secureActions != null)
+ {
+ //SetUp Policy Composition Context
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(policyResource);
+ for(Operation secureAction: secureActions)
+ {
+ if(!allowRoles.isEmpty())
+ {
+ context.addPolicyRule(Effect.PERMIT, secureAction, allowRoles, "allowExpression");
+ }
+
+ if(!denyRoles.isEmpty())
+ {
+ context.addPolicyRule(Effect.DENY, secureAction, denyRoles, "denyExpression");
+ }
+ }
+
+ //Generate the Policy
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ cour.add(new XACMLPolicy(GeneralTool.generateUniqueId(), policyMetaData));
+ }
+ }
+ }
}
policies = cour.toArray(new Policy[0]);
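Review bot: A `web-resource` that lists no `http-method` now produces a policy with no rules, because `parseSecureWebActions` returns an empty list rather than null, so the `if(secureActions != null)` guard passes, the loop adds nothing, and `this.policyComposer.compose(context)` is still called. The removed `parseWebResources` fell back to `webResources.add(policyResource)` in that case, so the role constraints applied to the resource as a whole; here the allow and deny roles are silently dropped, and what a rule-less policy evaluates to depends on the combining algorithm, which this hunk does not show. Either add resource-level rules when the list is empty or reject the configuration, e.g. `if(secureActions.isEmpty()) throw new IllegalStateException("web-resource without http-method");`. Separately, `Boolean.parseBoolean(roles.getAttribute("allow").trim())` turns a missing or misspelled `allow` attribute into a deny list (the preceding `boolean allow = true` is dead), and `this.policyComposer` is dereferenced without checking that the setter was called. The enclosing method starts and ends outside this hunk.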
@@ -120,41 +205,33 @@
}catch(IOException ioe){log.warn(this, ioe);}
}
}
- //XMLParsing----------------------------------------------------------------------------------------------------------------------------------------------------
- private List<HttpResource> parseWebResources(Element webResourceCollection) throws Exception
+ //XML Configuration Parsing----------------------------------------------------------------------------------------------------------------------------------------------------
+ private void parseParameters(HttpResource policyResource, Element webResource) throws Exception
{
- List<HttpResource> webResources = new ArrayList<HttpResource>();
-
- NodeList resources = webResourceCollection.getElementsByTagName("web-resource");
- if(resources != null)
- {
- for(int i=0; i<resources.getLength(); i++)
- {
- HttpResource policyResource = new HttpResource();
- Element webResource = (Element)resources.item(i);
- Element urlPattern = (Element)webResource.getElementsByTagName("url-pattern").item(0);
-
- policyResource.setUri(new URI(urlPattern.getTextContent().trim()));
- this.parseParameters(policyResource, webResource);
-
- List<HttpResource> methodResources = this.parseHttpMethods(policyResource, webResource);
- if(methodResources != null && !methodResources.isEmpty())
- {
- webResources.addAll(methodResources);
- }
- else
- {
- webResources.add(policyResource);
- }
- }
- }
-
- return webResources;
+ //Process Parameters
+ Element parameters = (Element)webResource.getElementsByTagName("parameters").item(0);
+ if(parameters != null)
+ {
+ NodeList params = parameters.getElementsByTagName("parameter");
+ if(params != null)
+ {
+ for(int i=0, length=params.getLength(); i<length; i++)
+ {
+ Element parameter = (Element)params.item(i);
+
+ String name = parameter.getAttribute("name").trim();
+ String value = parameter.getTextContent().trim();
+
+ policyResource.addParameter(name, value);
+ }
+ }
+ }
}
- private List<HttpResource> parseHttpMethods(HttpResource policyResource, Element webResource) throws Exception
+ private List<Operation> parseSecureWebActions(Element webResource) throws Exception
{
- List<HttpResource> webResources = new ArrayList<HttpResource>();
+ List<Operation> secureWebActions = new ArrayList<Operation>();
+
NodeList httpMethods = webResource.getElementsByTagName("http-method");
if(httpMethods != null)
{
@@ -162,95 +239,39 @@
{
Element httpMethodElem = (Element)httpMethods.item(i);
- String httpMethod = httpMethodElem.getTextContent();
- HttpResource methodResource = (HttpResource)policyResource.clone();
+ String httpMethod = httpMethodElem.getTextContent();
if(httpMethod.equalsIgnoreCase("get"))
{
- methodResource.setHttpMethod(new Get());
+ secureWebActions.add(new Get());
}
else if(httpMethod.equalsIgnoreCase("post"))
{
- methodResource.setHttpMethod(new Post());
+ secureWebActions.add(new Post());
}
else if(httpMethod.equalsIgnoreCase("put"))
{
- methodResource.setHttpMethod(new Put());
+ secureWebActions.add(new Put());
}
else if(httpMethod.equalsIgnoreCase("delete"))
{
- methodResource.setHttpMethod(new Delete());
+ secureWebActions.add(new Delete());
}
else if(httpMethod.equalsIgnoreCase("head"))
{
- methodResource.setHttpMethod(new Head());
+ secureWebActions.add(new Head());
}
else if(httpMethod.equalsIgnoreCase("options"))
{
- methodResource.setHttpMethod(new Options());
+ secureWebActions.add(new Options());
}
else if(httpMethod.equalsIgnoreCase("trace"))
{
- methodResource.setHttpMethod(new Trace());
- }
-
- webResources.add(methodResource);
+ secureWebActions.add(new Trace());
+ }
}
}
- return webResources;
- }
-
- private void parseParameters(HttpResource policyResource, Element webResource) throws Exception
- {
- //Process Parameters
- Element parameters = (Element)webResource.getElementsByTagName("parameters").item(0);
- if(parameters != null)
- {
- NodeList params = parameters.getElementsByTagName("parameter");
- if(params != null)
- {
- for(int i=0, length=params.getLength(); i<length; i++)
- {
- Element parameter = (Element)params.item(i);
-
- String name = parameter.getAttribute("name").trim();
- String value = parameter.getTextContent().trim();
-
- policyResource.addParameter(name, value);
- }
- }
- }
- }
-
- private void parseRoles(HttpResource policyResource, NodeList roleNodes) throws Exception
- {
- if(roleNodes != null)
- {
- for(int i=0; i<roleNodes.getLength(); i++)
- {
- boolean allow = true;
- Element roles = (Element)roleNodes.item(i);
-
- allow = Boolean.parseBoolean(roles.getAttribute("allow").trim());
-
- NodeList roleNames = roles.getElementsByTagName("role-name");
- if(roleNames != null)
- {
- for(int j=0; j<roleNames.getLength(); j++)
- {
- Element roleName = (Element)roleNames.item(j);
-
- if(allow)
- {
- policyResource.addAllowed(roleName.getTextContent().trim());
- }
- else
- {
- policyResource.addDenied(roleName.getTextContent().trim());
- }
- }
- }
- }
- }
- }
+
+ return secureWebActions;
+ }
}
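Review bot: An `http-method` value that matches none of the seven branches is dropped without a log line or an error, and the text is compared untrimmed, so `<http-method> GET </http-method>` or a typo yields a policy with no rule for that method. The other parsers in this file call `.trim()` on element text; do the same here with `String httpMethod = httpMethodElem.getTextContent().trim();` and close the chain with `else { throw new IllegalArgumentException("Unsupported http-method: " + httpMethod); }`, so a misconfigured constraint fails at load time instead of silently omitting the rule. The method's signature and the start of its loop are in the preceding hunk.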
Modified: modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java
===================================================================
--- modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -51,21 +51,20 @@
import org.jboss.security.authz.http.component.action.Post;
import org.jboss.security.authz.http.component.action.Put;
import org.jboss.security.authz.http.component.action.Trace;
+import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.http.component.resource.HttpResource;
import org.jboss.security.authz.http.configuration.HttpPolicyConfig;
import org.jboss.security.authz.tools.GeneralTool;
-
import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
import org.jboss.security.authz.policy.server.Server;
import org.jboss.security.authz.policy.server.spi.PolicyConfig;
import org.jboss.security.authz.policy.server.PolicyServer;
-import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.components.subject.Roles;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
/**
@@ -156,8 +155,8 @@
HttpServletResponse httpResponse = (HttpServletResponse)response;
//Perform a Security check
- Request authzRequest = this.createAuthorizationRequest(httpRequest);
- Response authzResponse = this.enforcer.checkAccess(authzRequest);
+ EnforcementContext enforcementContext = this.createEnforcementContext(httpRequest);
+ EnforcementResponse authzResponse = this.enforcer.checkAccess(enforcementContext);
//Process the authorization response and allow or deny further processing
if(!authzResponse.isAccessGranted())
@@ -184,9 +183,9 @@
}
}
//------------------------------------------------------------------------------------------------------------------------------------------------------------------
- private Request createAuthorizationRequest(HttpServletRequest httpRequest) throws Exception
+ private EnforcementContext createEnforcementContext(HttpServletRequest httpRequest) throws Exception
{
- Request authzRequest = new Request();
+ EnforcementContext context = new EnforcementContext();
HttpResource contextResource = new HttpResource();
@@ -205,7 +204,9 @@
String value = httpRequest.getParameter(name);
contextResource.addParameter(name, value);
}
-
+
+ //TODO: migrate to the new developer framework
+ /*
//Setup Resource context
authzRequest.addResource(contextResource.getResource());
@@ -243,9 +244,9 @@
//TODO: replace mock code with actual loading of Roles information of the authenticated user via the new Identity API
Roles roles = new Roles();
roles.addName(Roles.ANONYMOUS);
- authzRequest.addSubject(roles.getSubject());
+ authzRequest.addSubject(roles.getSubject());*/
- return authzRequest;
+ return context;
}
private void configure(String httpPolicy) throws Exception
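Review bot: `createEnforcementContext` now returns an `EnforcementContext` on which nothing has been set. The `/*` opened in the previous hunk and closed here at `authzRequest.addSubject(roles.getSubject());*/` comments out the resource, action and subject population, and `contextResource` is filled from the request parameters but never attached to `context`. The caller shown in the `@@ -156,8 +155,8 @@` hunk still passes the result to `this.enforcer.checkAccess(...)` and acts on `isAccessGranted()`, so every request is decided on an empty context; whether that rejects everything or admits everything depends on the enforcement point, which is not visible here. Until the migration named in the TODO lands, the method should refuse rather than return an empty context, e.g. `throw new UnsupportedOperationException("enforcement context not migrated yet");` in place of `return context;`, after confirming that the caller's error path denies the request. Parts of the method body lie outside these hunks.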
Added: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/MockPolicy.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/MockPolicy.java (rev 0)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/MockPolicy.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,276 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.http.components;
+
+import java.util.List;
+import java.util.Set;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.util.UUID;
+
+import javax.xml.bind.JAXBElement;
+
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyMetaData;
+import org.jboss.security.authz.model.Rule;
+import org.jboss.security.authz.model.Effect;
+import org.jboss.security.authz.model.PolicyException;
+import org.jboss.security.authz.model.AttributeExpression;
+import org.jboss.security.authz.model.DroolsRuleExpression;
+import org.jboss.security.authz.model.Expression;
+import org.jboss.security.authz.xacml.AttributeDesignatorUtil;
+import org.jboss.security.authz.xacml.PolicyUtil;
+
+import org.jboss.security.xacml.core.model.policy.ActionMatchType;
+import org.jboss.security.xacml.core.model.policy.SubjectMatchType;
+import org.jboss.security.xacml.core.model.policy.ApplyType;
+import org.jboss.security.xacml.core.model.policy.VariableReferenceType;
+import org.jboss.security.xacml.core.model.policy.EffectType;
+import org.jboss.security.xacml.core.model.policy.PolicyType;
+import org.jboss.security.xacml.core.model.policy.ResourceMatchType;
+import org.jboss.security.xacml.core.model.policy.ResourcesType;
+import org.jboss.security.xacml.core.model.policy.ResourceType;
+import org.jboss.security.xacml.core.model.policy.ActionsType;
+import org.jboss.security.xacml.core.model.policy.ActionType;
+import org.jboss.security.xacml.core.model.policy.SubjectsType;
+import org.jboss.security.xacml.core.model.policy.SubjectType;
+import org.jboss.security.xacml.core.model.policy.RuleType;
+import org.jboss.security.xacml.core.model.policy.TargetType;
+import org.jboss.security.xacml.core.model.policy.ConditionType;
+import org.jboss.security.xacml.core.model.policy.ObjectFactory;
+import org.jboss.security.xacml.core.model.policy.AttributeValueType;
+import org.jboss.security.xacml.core.model.policy.SubjectAttributeDesignatorType;
+import org.jboss.security.xacml.factories.PolicyAttributeFactory;
+
+/**
+ * Used for specifying policies for Resources represented by unique URIs, sometimes forming a tree like relationship with other Resources in the system
+ *
+ * An example of such resources would be tree of resources/nodes in a Content Management System
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class MockPolicy extends Policy
+{
+
+ public MockPolicy(String policyUri, PolicyMetaData metaData) throws PolicyException
+ {
+ super(policyUri, metaData);
+ }
+
+
+ @Override
+ public String generateSystemPolicy() throws PolicyException
+ {
+ ByteArrayOutputStream bos = null;
+ try
+ {
+ String xacmlXml = null;
+
+ //SetUp the Policy Header
+ ObjectFactory objectFactory = new ObjectFactory();
+ PolicyType policyType = new PolicyType();
+ policyType.setPolicyId(this.policyUri);
+ policyType.setVersion("2.0");
+ policyType.setRuleCombiningAlgId(new NoPermitMeansDeniedAlg().getIdentifier().toString());
+
+ TargetType targetType = new TargetType();
+ policyType.setTarget(targetType);
+
+ //Process Resource Matches as Targets for the Policy
+ List<AttributeExpression> resourceMatches = this.metaData.getTarget().getResourceMatches();
+ if(resourceMatches != null && !resourceMatches.isEmpty())
+ {
+ ResourcesType resourcesType = new ResourcesType();
+ targetType.setResources(resourcesType);
+ ResourceType resourceType = new ResourceType();
+
+ for(AttributeExpression resourceMatch: resourceMatches)
+ {
+ ResourceMatchType rmt = new ResourceMatchType();
+
+ rmt.setMatchId(resourceMatch.getFunctionId());
+ rmt.setResourceAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(resourceMatch.getAttribute(), true));
+ rmt.setAttributeValue(PolicyAttributeFactory
+ .createStringAttributeType(resourceMatch.getAttribute().getValue()));
+
+ resourceType.getResourceMatch().add(rmt);
+ }
+
+ resourcesType.getResource().add(resourceType);
+ }
+
+ //Process the Policy Rules
+ Set<Rule> rules = this.metaData.getRules();
+ if(rules != null && !rules.isEmpty())
+ {
+ for(Rule rule: rules)
+ {
+ RuleType ruleType = new RuleType();
+ ruleType.setRuleId(rule.getRuleId());
+ if(rule.getEffect() == Effect.PERMIT)
+ {
+ ruleType.setEffect(EffectType.PERMIT);
+ }
+ else
+ {
+ ruleType.setEffect(EffectType.DENY);
+ }
+
+ //Process the Rule Target
+ if(rule.getTarget() != null)
+ {
+ List<AttributeExpression> actionMatches = rule.getTarget().getActionMatches();
+ List<AttributeExpression> subjectMatches = rule.getTarget().getSubjectMatches();
+ TargetType ruleTarget = new TargetType();
+
+ if(actionMatches != null && !actionMatches.isEmpty())
+ {
+ ruleTarget.setActions(this.generateRuleActions(actionMatches));
+ }
+
+ if(subjectMatches != null && !subjectMatches.isEmpty())
+ {
+ ruleTarget.setSubjects(this.generateRuleSubjects(subjectMatches));
+ }
+
+ ruleType.setTarget(ruleTarget);
+ }
+
+ //Process the Rule Expression/Condition
+ ConditionType condition = this.generateCondition(objectFactory, rule.getExpression());
+ ruleType.setCondition(condition);
+
+ policyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(ruleType);
+ }
+ }
+
+ bos = new ByteArrayOutputStream();
+ PolicyUtil.marshall(bos, policyType);
+ xacmlXml = new String(bos.toByteArray());
+
+ return xacmlXml;
+ }
+ catch(Exception e)
+ {
+ throw new PolicyException(e);
+ }
+ finally
+ {
+ if(bos != null)
+ {
+ try{bos.close();}catch(IOException ioe){}
+ }
+ }
+ }
+
+ private ActionsType generateRuleActions(List<AttributeExpression> actionMatches)
+ {
+ ActionsType actions = new ActionsType();
+
+ for(AttributeExpression action: actionMatches)
+ {
+ ActionType actionType = new ActionType();
+ ActionMatchType amct = new ActionMatchType();
+ amct.setMatchId(action.getFunctionId());
+ amct.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(action.getAttribute().getValue()));
+ amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute(), true));
+ actionType.getActionMatch().add(amct);
+ actions.getAction().add(actionType);
+ }
+
+ return actions;
+ }
+
+ private SubjectsType generateRuleSubjects(List<AttributeExpression> subjectMatches)
+ {
+ SubjectsType subjects = new SubjectsType();
+
+ for(AttributeExpression subject: subjectMatches)
+ {
+ SubjectType subjectType = new SubjectType();
+ SubjectMatchType match = new SubjectMatchType();
+ match.setMatchId(subject.getFunctionId());
+ match.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(subject.getAttribute().getValue()));
+ match.setSubjectAttributeDesignator((SubjectAttributeDesignatorType)AttributeDesignatorUtil.getAttributeDesignator(subject.getAttribute(), true));
+ subjectType.getSubjectMatch().add(match);
+ subjects.getSubject().add(subjectType);
+ }
+
+ return subjects;
+ }
+
+ /**
+ *
+ * @param expression
+ * @return
+ */
+ private ConditionType generateCondition(ObjectFactory objectFactory, Expression expression)
+ {
+ ConditionType condition = new ConditionType();
+
+ if(expression instanceof AttributeExpression)
+ {
+ AttributeExpression attributeExpression = (AttributeExpression)expression;
+
+ //Function to be applied
+ ApplyType apply = new ApplyType();
+ apply.setFunctionId(attributeExpression.getFunctionId());
+
+ //Value to check against
+ AttributeValueType attrValue = PolicyAttributeFactory.createStringAttributeType(attributeExpression.getAttribute().getValue());
+ JAXBElement<AttributeValueType> jaxbAttrValue = objectFactory.createAttributeValue(attrValue);
+ apply.getExpression().add(jaxbAttrValue);
+
+ //Place within the Context where this Value should exist during an Authorization Request
+ apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute(), true));
+
+
+ condition.setExpression(objectFactory.createApply(apply));
+ }
+ else if(expression instanceof DroolsRuleExpression)
+ {
+ DroolsRuleExpression ruleExpression = (DroolsRuleExpression)expression;
+
+ //Function to be applied
+ ApplyType apply = new ApplyType();
+ apply.setFunctionId(ruleExpression.getFunctionId());
+
+
+ VariableReferenceType ruleReference = new VariableReferenceType();
+ ruleReference.setVariableId(ruleExpression.getRuleReference());
+ JAXBElement<VariableReferenceType> jaxbRuleReference = objectFactory.createVariableReference(ruleReference);
+ apply.getExpression().add(jaxbRuleReference);
+
+
+ condition.setExpression(objectFactory.createApply(apply));
+ }
+
+ return condition;
+ }
+
+ private String generateUniqueId()
+ {
+ return UUID.randomUUID().toString();
+ }
+}
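Review bot: `ruleType.setCondition(condition)` in `generateSystemPolicy` runs for every rule, but `generateCondition` returns a `ConditionType` with no expression when `rule.getExpression()` is null or is neither an `AttributeExpression` nor a `DroolsRuleExpression`. An empty `Condition` element is not valid XACML 2.0, so the marshalled policy may be rejected or evaluate as indeterminate, and tests built on this mock could then pass or fail for reasons unrelated to the rule under test. Guard the call: `if(rule.getExpression() != null) { ruleType.setCondition(this.generateCondition(objectFactory, rule.getExpression())); }`. Also, `new String(bos.toByteArray())` decodes with the platform charset; pass the encoding that `PolicyUtil.marshall` writes explicitly (presumably `"UTF-8"`, to be confirmed). The class Javadoc describes URI-identified resources and never says the class is a test double, and `generateUniqueId()` is unused.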
Added: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/NoPermitMeansDeniedAlg.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/NoPermitMeansDeniedAlg.java (rev 0)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/NoPermitMeansDeniedAlg.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -0,0 +1,83 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.http.components;
+
+import java.util.List;
+import java.util.Iterator;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import org.jboss.security.xacml.sunxacml.combine.RuleCombiningAlgorithm;
+import org.jboss.security.xacml.sunxacml.EvaluationCtx;
+import org.jboss.security.xacml.sunxacml.ctx.Result;
+import org.jboss.security.xacml.sunxacml.Rule;
+import org.jboss.security.xacml.sunxacml.combine.RuleCombinerElement;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class NoPermitMeansDeniedAlg extends RuleCombiningAlgorithm
+{
+ /**
+ *
+ * @throws URISyntaxException
+ */
+ public NoPermitMeansDeniedAlg() throws URISyntaxException
+ {
+ super(new URI("rule-combining-alg:nopermit-means-denied"));
+ }
+
+ /**
+ *
+ * @param context
+ * @param rules
+ * @return
+ */
+ public Result combine(EvaluationCtx context, List parameters, List ruleElements)
+ {
+ Result result = new Result(Result.DECISION_PERMIT);
+
+ Iterator rules = ruleElements.iterator();
+ boolean permitFound = false;
+ while(rules.hasNext())
+ {
+ RuleCombinerElement ruleCombinerElement = (RuleCombinerElement)rules.next();
+ Rule rule = ruleCombinerElement.getRule();
+ Result currentResult = rule.evaluate(context);
+
+ if(currentResult.getDecision() == Result.DECISION_PERMIT)
+ {
+ permitFound = true;
+ break;
+ }
+ }
+
+ if(!permitFound)
+ {
+ result = new Result(Result.DECISION_DENY);
+ }
+
+ return result;
+ }
+}
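Review bot: In `combine`, the loop breaks on the first rule that evaluates to `Result.DECISION_PERMIT`, so a Deny rule later in `ruleElements` is never evaluated and cannot override it; a subject that matches both an allow rule and a deny rule is permitted. If an explicit deny is meant to win, every rule has to be evaluated and `new Result(Result.DECISION_DENY)` returned as soon as one denies. Separately, `result` starts as `new Result(Result.DECISION_PERMIT)` and is only downgraded after the loop; starting with `Result result = new Result(Result.DECISION_DENY);` and upgrading when `permitFound` is true keeps the method deny-by-default if the control flow is edited later. The Javadoc lists `@param rules`, while the signature has `parameters` and `ruleElements`, and neither the class nor the method comment states the combining semantics (Indeterminate and NotApplicable both end up as Deny).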
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -27,10 +27,17 @@
import org.apache.log4j.Logger;
-import org.jboss.security.authz.http.component.resource.HttpResource;
+import org.jboss.security.authz.agent.Agent;
+import org.jboss.security.authz.agent.services.CompositionContext;
+import org.jboss.security.authz.agent.services.PolicyComposer;
+
+import org.jboss.security.authz.components.subject.Identity;
+import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.test.MockPolicy;
+import org.jboss.security.authz.model.Effect;
+import org.jboss.security.authz.http.component.resource.HttpResource;
+import org.jboss.security.authz.http.component.action.Get;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -39,12 +46,29 @@
{
private static Logger log = Logger.getLogger(TestHttpResource.class);
+ private PolicyComposer policyComposer;
+
+ protected void setUp() throws Exception
+ {
+ Agent.bootstrap();
+ this.policyComposer = (PolicyComposer)Agent.lookup("/agent/PolicyComposer");
+ }
+ //------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ //TODO: migrate to the new developer framework
public void testGetURLTargetNoParameters() throws Exception
{
HttpResource httpResource = new HttpResource();
httpResource.setUri(new URI("/portal/admin-tool/modifyLayout"));
+
+ Identity identity = new Identity();
+ identity.setName("blahUser");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(httpResource);
+ context.addPolicyRule(Effect.PERMIT, identity, null);
- Policy policy = new MockPolicy("testGetURLTargetNoParameters", httpResource.getPolicyMetaData());
+ Policy policy = new MockPolicy("testGetURLTargetNoParameters", this.policyComposer.compose(context));
log.info("------------------------------------------------------------------");
log.info(policy.generateSystemPolicy());
@@ -56,10 +80,17 @@
httpResource.setUri(new URI("/portal/admin-tool/modifyLayout"));
httpResource.addParameter("test1", "test1://value");
httpResource.addParameter("test2", "test2://value");
+
+ Identity identity = new Identity();
+ identity.setName("blahUser");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(httpResource);
+ context.addPolicyRule(Effect.PERMIT, identity, null);
+ Policy policy = new MockPolicy("testGetURLTargetWithParameters", this.policyComposer.compose(context));
- Policy policy = new MockPolicy("testGetURLTargetWithParameters", httpResource.getPolicyMetaData());
-
log.info("------------------------------------------------------------------");
log.info(policy.generateSystemPolicy());
}
@@ -70,42 +101,49 @@
httpResource.setUri(new URI("/portal/admin-tool/modifyLayout"));
httpResource.addParameter("test1", "test1://value");
httpResource.addParameter("test2", "test2://value");
- httpResource.addAllowed("admin");
- httpResource.addDenied("anonymous");
+
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("admin");
+ allowedRoles.addName("user");
+
+ Roles deniedRoles = new Roles();
+ deniedRoles.addName("anonymous");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(httpResource);
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
+ context.addPolicyRule(Effect.DENY, new Get(), deniedRoles, "denyExpression");
- Policy policy = new MockPolicy("testRoleRules", httpResource.getPolicyMetaData());
+ Policy policy = new MockPolicy("testRoleRules", this.policyComposer.compose(context));
log.info("------------------------------------------------------------------");
log.info(policy.generateSystemPolicy());
}
-
- public void testIPRules() throws Exception
- {
- HttpResource httpResource = new HttpResource();
- httpResource.setUri(new URI("/portal/admin-tool/modifyLayout"));
- httpResource.addParameter("test1", "test1://value");
- httpResource.addParameter("test2", "test2://value");
- httpResource.addAllowed("admin");
- httpResource.addDenied("anonymous");
-
- Policy policy = new MockPolicy("testIPRules", httpResource.getPolicyMetaData());
- log.info("------------------------------------------------------------------");
- log.info(policy.generateSystemPolicy());
- }
-
public void testURLPattern() throws Exception
{
HttpResource httpResource = new HttpResource();
httpResource.setUri(new URI("/portal/*"));
httpResource.addParameter("test1", "test1://value");
httpResource.addParameter("test2", "test2://value");
- httpResource.addAllowed("admin");
- httpResource.addDenied("anonymous");
+
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("admin");
+ allowedRoles.addName("user");
+
+ Roles deniedRoles = new Roles();
+ deniedRoles.addName("anonymous");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(httpResource);
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
+ context.addPolicyRule(Effect.DENY, new Get(), deniedRoles, "denyExpression");
- Policy policy = new MockPolicy("testURLPattern", httpResource.getPolicyMetaData());
+ Policy policy = new MockPolicy("testURLPattern", this.policyComposer.compose(context));
log.info("------------------------------------------------------------------");
log.info(policy.generateSystemPolicy());
- }
+ }
}
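Review bot: `testRoleRules` and `testURLPattern` now compose a PERMIT rule and a DENY rule but still only log `policy.generateSystemPolicy()`, so a composer that silently dropped the DENY rule for `anonymous` would still pass; the two tests in the earlier hunks of this file have the same log-only shape. Capture the output and assert on it, at minimum `assertNotNull(xacml);` plus a check that both rule effects appear in the generated policy. The first hunk removes `import org.jboss.security.authz.test.MockPolicy;` while `new MockPolicy(...)` is still constructed here, which only compiles if MockPolicy now lives in this package; that is worth confirming. `testIPRules` is deleted without a replacement, so if IP-based rules are still supported the gap deserves a TODO.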
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -24,6 +24,8 @@
import java.net.URI;
import org.apache.log4j.Logger;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.action.Read;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.http.component.resource.HttpResource;
@@ -31,8 +33,6 @@
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.policy.server.Server;
import junit.framework.TestCase;
@@ -55,7 +55,8 @@
this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
- public void testMatchContextSuperset() throws Exception
+ //TODO: migrate to the new developer framework
+ /*public void testMatchContextSuperset() throws Exception
{
//SetUp HttpResource component to generate/store a policy
HttpResource policyResource = new HttpResource();
@@ -178,5 +179,5 @@
request.setAction(new Read().getAction());
return request;
- }
+ }*/
}
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -24,15 +24,15 @@
import java.net.URI;
import org.apache.log4j.Logger;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.action.Read;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.http.component.resource.HttpResource;
import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
import org.jboss.security.authz.policy.server.Server;
import junit.framework.TestCase;
@@ -54,7 +54,8 @@
this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
- public void test() throws Exception
+ //TODO: migrate to the new developer framework
+ /*public void test() throws Exception
{
HttpResource policyResource = new HttpResource();
policyResource.setUri(new URI("/private/devspace/*"));
@@ -149,5 +150,5 @@
request.setAction(new Read().getAction());
return request;
- }
+ }*/
}
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -25,6 +25,8 @@
import java.util.regex.Pattern;
import org.apache.log4j.Logger;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.action.Read;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.http.component.resource.HttpResource;
@@ -32,10 +34,8 @@
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
import org.jboss.security.authz.model.Resource;
-import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
import org.jboss.security.authz.policy.server.Server;
import junit.framework.TestCase;
@@ -57,12 +57,13 @@
this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
- public void testRegex() throws Exception
+ //TODO: migrate to the new developer framework
+ /*public void testRegex() throws Exception
{
- /**
- * Rule = "/prefix/url/*" matches any URL starting with /prefix/url,
- * including prefix/url itself. It does not match /prefix/urlfoo because any slash must immediately follow url
- */
+ //
+ // Rule = "/prefix/url/*" matches any URL starting with /prefix/url,
+ // including prefix/url itself. It does not match /prefix/urlfoo because any slash must immediately follow url
+ //
String regex = "^/prefix/url$|^prefix/url$|^/prefix/url/.*|^prefix/url/.*";
//Should Match
@@ -150,5 +151,5 @@
request.setAction(new Read().getAction());
return request;
- }
+ }*/
}
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/integration/TestEnterprisePolicyFinderModule.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/integration/TestEnterprisePolicyFinderModule.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/integration/TestEnterprisePolicyFinderModule.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -31,13 +31,13 @@
import org.jboss.security.authz.model.PolicyMetaData;
import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.components.action.Read;
-import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
import org.jboss.security.authz.policy.server.Server;
@@ -62,7 +62,8 @@
{
}
- public void testNewPolicyEnforcement() throws Exception
+ //TODO: migrate to the new developer framework
+ /*public void testNewPolicyEnforcement() throws Exception
{
HttpResource httpResource = new HttpResource();
httpResource.setUri(new URI("/blah/index.html"));
@@ -126,5 +127,5 @@
request.setAction(new Read().getAction());
return request;
- }
+ }*/
}
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -29,6 +29,10 @@
import org.apache.log4j.Logger;
+import org.jboss.security.authz.agent.Agent;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.services.PolicyComposer;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.http.component.action.Get;
import org.jboss.security.authz.http.component.action.Post;
@@ -38,8 +42,6 @@
import org.jboss.security.authz.tools.GeneralTool;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
import org.jboss.security.authz.policy.server.Server;
import org.jboss.security.authz.policy.server.spi.PolicyConfig;
@@ -56,6 +58,7 @@
private PolicyEnforcementPoint enforcer;
private PolicyProvisioner provisioner;
+ private PolicyComposer policyComposer;
/**
*
@@ -63,13 +66,19 @@
protected void setUp() throws Exception
{
Server.bootstrap();
+ Agent.bootstrap();
+
this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
+ this.policyComposer = (PolicyComposer)Agent.lookup("/agent/PolicyComposer");
}
//------------------------------------------------------------------------------------------------------------------------------------------------------
+ //TODO: migrate to the new developer framework
public void testExecutiveFiles() throws Exception
{
PolicyConfig config = new HttpPolicyConfig();
+ ((HttpPolicyConfig)config).setPolicyComposer(this.policyComposer);
+
InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream("http-policy.xml");
Policy[] policies = config.configure(GeneralTool.readStream(is));
@@ -79,7 +88,7 @@
for(int i=0; i<policies.length; i++)
{
String xacmlPolicy = policies[i].generateSystemPolicy();
- this.provisioner.newPolicy(policies[i].getMetaData());
+ //this.provisioner.newPolicy(policies[i].getMetaData());
log.info("------------------------------------------------------");
log.info(xacmlPolicy);
@@ -89,7 +98,7 @@
is.close();
//Perform an Enforcement
- HttpResource incoming = new HttpResource();
+ /*HttpResource incoming = new HttpResource();
incoming.setUri(new URI("/private/executives/index.html"));
incoming.addParameter("id", "1234");
@@ -105,7 +114,7 @@
this.enforce(this.createGetRequest(incoming, new String[]{"manager"}), false);
//Anonymous is Not Allowed
- this.enforce(this.createGetRequest(incoming, new String[]{"anonymous"}), false);
+ this.enforce(this.createGetRequest(incoming, new String[]{"anonymous"}), false);*/
}
/*public void testBoardFiles() throws Exception
@@ -186,7 +195,7 @@
//Anonymous is Not Allowed
this.enforce(this.createGetRequest(incoming, new String[]{"anonymous"}), false);
- }*/
+ }
//-------------------------------------------------------------------------------------------------------------------------------------------------
private void enforce(Request request, boolean mustBePermitted) throws Exception
{
@@ -249,5 +258,5 @@
request.setAction(new Post().getAction());
return request;
- }
+ }*/
}
Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -29,15 +29,15 @@
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.policy.client.enforcement.Request;
+import org.jboss.security.authz.policy.client.enforcement.Response;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.resource.URIResource;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.components.action.Read;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -29,7 +29,11 @@
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.policy.client.enforcement.Request;
+import org.jboss.security.authz.policy.client.enforcement.Response;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.resource.URIResource;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.components.action.Operation;
@@ -37,10 +41,6 @@
import org.jboss.security.authz.components.action.Write;
import org.jboss.security.authz.components.action.Manage;
-import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -29,17 +29,17 @@
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.policy.client.enforcement.Request;
+import org.jboss.security.authz.policy.client.enforcement.Response;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.resource.URIResource;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.components.action.Read;
import org.jboss.security.authz.components.action.Write;
import org.jboss.security.authz.components.action.Manage;
-import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java 2009-07-10 21:14:33 UTC (rev 13542)
@@ -25,8 +25,8 @@
import junit.framework.TestCase;
import org.apache.log4j.Logger;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
Modified: modules/authorization/trunk/pom.xml
===================================================================
--- modules/authorization/trunk/pom.xml 2009-07-10 18:27:56 UTC (rev 13541)
+++ modules/authorization/trunk/pom.xml 2009-07-10 21:14:33 UTC (rev 13542)
@@ -14,8 +14,8 @@
<module>core-components-api</module>
<module>agent</module>
<module>policy-server</module>
+ <module>http-profile</module>
<!--
- <module>http-profile</module>
<module>portal-profile</module>
-->
</modules>
JBoss Portal SVN: r13541 - branches/Enterprise_Portal_Platform_4_3/core/src/resources/portal-core-sar/conf/hibernate/portal.
by portal-commits@lists.jboss.org
Author: mputz
Date: 2009-07-10 14:27:56 -0400 (Fri, 10 Jul 2009)
New Revision: 13541
Modified:
branches/Enterprise_Portal_Platform_4_3/core/src/resources/portal-core-sar/conf/hibernate/portal/domain.hbm.xml
Log:
Reverted: JBPORTAL-2384: Fix hibernate mappings to address N+1 select problem on accessing ObjectNode.children
Modified: branches/Enterprise_Portal_Platform_4_3/core/src/resources/portal-core-sar/conf/hibernate/portal/domain.hbm.xml
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core/src/resources/portal-core-sar/conf/hibernate/portal/domain.hbm.xml 2009-07-10 18:27:33 UTC (rev 13540)
+++ branches/Enterprise_Portal_Platform_4_3/core/src/resources/portal-core-sar/conf/hibernate/portal/domain.hbm.xml 2009-07-10 18:27:56 UTC (rev 13541)
@@ -54,7 +54,7 @@
name="children"
inverse="true"
cascade="none"
- fetch="subselect"
+ fetch="select"
lazy="true">
<cache usage="@portal.hibernate.cache.usage@"/>
<key column="PARENT_KEY"/>
@@ -73,9 +73,7 @@
name="object"
class="org.jboss.portal.core.impl.model.portal.PortalObjectImpl"
cascade="none"
- fetch="join"
- constrained="true"
- lazy="false">
+ fetch="select">
</one-to-one>
<map
name="securityConstraints"
JBoss Portal SVN: r13540 - branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/hibernate/portal.
by portal-commits@lists.jboss.org
Author: mputz
Date: 2009-07-10 14:27:33 -0400 (Fri, 10 Jul 2009)
New Revision: 13540
Modified:
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/hibernate/portal/domain.hbm.xml
Log:
Reverted: JBPORTAL-2384: Fix hibernate mappings to address N+1 select problem on accessing ObjectNode.children
Modified: branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/hibernate/portal/domain.hbm.xml
===================================================================
--- branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/hibernate/portal/domain.hbm.xml 2009-07-10 15:11:54 UTC (rev 13539)
+++ branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/hibernate/portal/domain.hbm.xml 2009-07-10 18:27:33 UTC (rev 13540)
@@ -54,7 +54,7 @@
name="children"
inverse="true"
cascade="none"
- fetch="subselect"
+ fetch="select"
lazy="true">
<cache usage="@portal.hibernate.cache.usage@"/>
<key column="PARENT_KEY"/>
@@ -73,9 +73,7 @@
name="object"
class="org.jboss.portal.core.impl.model.portal.PortalObjectImpl"
cascade="none"
- fetch="join"
- constrained="true"
- lazy="false">
+ fetch="select">
</one-to-one>
<map
name="securityConstraints"
JBoss Portal SVN: r13539 - in branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests: src/org/jboss/portal/test/ant and 1 other directories.
by portal-commits@lists.jboss.org
Author: vrockai
Date: 2009-07-10 11:11:54 -0400 (Fri, 10 Jul 2009)
New Revision: 13539
Added:
branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/src/org/jboss/portal/test/ant/
branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/src/org/jboss/portal/test/ant/FileCreate.java
Removed:
branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/test_files/big_archive.zip
branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/test_files/many_files.zip
Log:
[selenium] - test suite migration 2
Added: branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/src/org/jboss/portal/test/ant/FileCreate.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/src/org/jboss/portal/test/ant/FileCreate.java (rev 0)
+++ branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/src/org/jboss/portal/test/ant/FileCreate.java 2009-07-10 15:11:54 UTC (rev 13539)
@@ -0,0 +1,94 @@
+package org.jboss.portal.test.ant;
+
+import java.io.FileWriter;
+import java.io.IOException;
+
+import org.apache.tools.ant.Project;
+import org.apache.tools.ant.Task;
+
+/**
+ * @author vrockai
+ * FileCreate task is responsible for creating specified number of files of random content and of specified name and size.
+ * <h2>Parameters</h2>
+ * <table>
+ * <thead>
+ * <tr>
+ * <th>Attribute</th>
+ * <th>Description</th>
+ * </tr>
+ * </thead>
+ * <tbody>
+ * <tr>
+ * <td>filename</td>
+ * <td>The prefix of name of file(s) to be generated.</td>
+ * </tr>
+ * <tr>
+ * <td>suffix</td>
+ * <td>When more then one file is about to be created (set by the count attribute) the filename then consist of the string set by the filename attribe + "[i]" string + the suffix string set by the suffix attribute.</td>
+ * </tr>
+ * <tr>
+ * <td>size</td>
+ * <td>The size of individual file to be generated in bytes. When more files are generated (set by count attribute), each file has specified size.</td>
+ * </tr>
+ * <tr>
+ * <td>count</td>
+ * <td>The number of files to be generated. The filename then consist of the string set by the filename attribe + "[i]" string + the suffix string set by the suffix attribute.</td>
+ * </tr>
+ * </tbody>
+ * </table>
+ *
+ */
+public class FileCreate extends Task {
+
+ String filename;
+ String suffix = "";
+ int size = 0;
+ int count = 1;
+
+ public void setFilename(String filename) {
+ this.filename = filename;
+ }
+
+ public void setSuffix(String suffix) {
+ this.suffix = suffix;
+ }
+
+ public void setSize(int size) {
+ this.size = size;
+ }
+
+ public void setCount(int count) {
+ this.count = count;
+ }
+
+ public void execute() {
+ createFile();
+ }
+
+ public void createFile() {
+
+ FileWriter fstream;
+ try {
+ for (int i = 0; i < count; i++) {
+
+ String fname = count > 1 ? filename + "" + (i+1) + suffix: filename;
+
+ fstream = new FileWriter(fname);
+
+ for (int k = 0; k < size; k++) {
+ fstream.write(Math.random() > 0.5 ? 1 : 0);
+ }
+
+ fstream.close();
+
+ }
+ String mess = "File \"" + filename + "\" of size " + size + "B was created";
+ if (count > 1)
+ mess = count + " files \"" + filename + "[i]"+suffix+"\" each of size " + size + "B were created";
+ log(mess, Project.MSG_INFO);
+ } catch (IOException e) {
+ log("FAIL: " + e.getLocalizedMessage());
+ }
+ }
+
+}
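Review bot: createFile() catches IOException and only logs `"FAIL: " + e.getLocalizedMessage()`, so an Ant run that could not generate the test files still finishes as a successful build and the UI tests then run against missing or truncated inputs. The same try block leaks the FileWriter when write() throws, because close() sits on the success path only. Fail the task with a BuildException (this needs an import of org.apache.tools.ant.BuildException) and close the writer in a finally block, as sketched below. An unset `filename` attribute is also never checked before it is used to build the path, so execute() should reject it up front. Separately, writing the chars 0 and 1 through a FileWriter produces the requested byte size only under a single-byte platform encoding, and a FileOutputStream would make the "size in bytes" contract in the Javadoc hold regardless.

```java
    public void createFile() {
        if (filename == null) {
            throw new BuildException("FileCreate: the filename attribute is required");
        }
        for (int i = 0; i < count; i++) {
            String fname = count > 1 ? filename + "" + (i+1) + suffix: filename;
            FileWriter fstream = null;
            try {
                fstream = new FileWriter(fname);
                // … unchanged: inner loop writing `size` characters …
                fstream.close();   // flush errors on the success path still surface
                fstream = null;
            } catch (IOException e) {
                throw new BuildException("FileCreate: cannot write " + fname, e);
            } finally {
                if (fstream != null) {
                    try {
                        fstream.close();
                    } catch (IOException ignored) {
                        // already failing with the original exception
                    }
                }
            }
        }
        // … unchanged: summary message and log(mess, Project.MSG_INFO) …
    }
```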
Deleted: branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/test_files/big_archive.zip
===================================================================
(Binary files differ)
Deleted: branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/test_files/many_files.zip
===================================================================
(Binary files differ)